Main Vulnerability Database SB20251230213

SB20251230213 - NULL pointer dereference in Linux kernel ulp srpt driver

Published: December 30, 2025 Updated: December 30, 2025

Security Bulletin ID SB20251230213

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2023-54274)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the srpt_format_guid() and srpt_refresh_port() functions in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/00cc21e32ea1b8ebbabf5d645da9378d986bf8ba
https://git.kernel.org/stable/c/4323aaedeba32076e652aad056afd7885bb96bb7
https://git.kernel.org/stable/c/5f6ef2a574b0e0e0ea46ed0022575442df9d0bf9
https://git.kernel.org/stable/c/8ec6acdb9b6a80eeb13e778dfedb5d72a88f14fe
https://git.kernel.org/stable/c/b713623bfef8cb1df9c769a3887fa10db63d1c54
https://git.kernel.org/stable/c/eca5cd9474cd26d62f9756f536e2e656d3f62f3a
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.180
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.111
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.28
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.15
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4