SB20251226231 - Improper locking in Linux kernel dsa
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226231
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2023-54149)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the net/dsa/switch.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3948c69b3837fec2ee5a90fbc911c343199be0ac
- https://git.kernel.org/stable/c/3f9e79f31e51b7d5bf95c617540deb6cf2816a3f
- https://git.kernel.org/stable/c/d06f925f13976ab82167c93467c70a337a0a3cda
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5