Main Vulnerability Database SB20250919121

SB20250919121 - Buffer overflow in Linux kernel powercap driver

Published: September 19, 2025 Updated: September 22, 2025

Security Bulletin ID SB20250919121

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2023-53428)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scmi_powercap_unregister_all_zones(), scmi_powercap_get_parent_zone() and scmi_powercap_probe() functions in drivers/powercap/arm_scmi_powercap.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/3e767d6850f867cc33ac16ca097350a1d2417982
https://git.kernel.org/stable/c/8022b64fb7daa6135d9f7b0e2f7b5b8e9e5179c9
https://git.kernel.org/stable/c/b427c23cebc5c926516f20304bf1acc05a33d147
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16