SB2025091914 - Memory leak in Linux kernel iwlwifi fw driver
Published: September 19, 2025 Updated: September 22, 2025
Security Bulletin ID
SB2025091914
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-53422)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_dbgfs_fw_info_seq_next() function in drivers/net/wireless/intel/iwlwifi/fw/debugfs.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/37f64bc8e001f216566d17ef9fd5608c762ebcd4
- https://git.kernel.org/stable/c/3d90d2f4a018fe8cfd65068bc6350b6222be4852
- https://git.kernel.org/stable/c/89496d6cff297c88fe0286a440c380ceb172da2b
- https://git.kernel.org/stable/c/b830ba20b43be52eae7d4087b61a0079dec56820
- https://git.kernel.org/stable/c/e302e9ca14a86a80eadfb24a34d8675aadaf3ef3
- https://git.kernel.org/stable/c/fe17124282da055cb2e53f0131521459b5c7866c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.15