SB20250916166 - NULL pointer dereference in Linux kernel cifs
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250916166
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-53246)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/cifs/cifsfs.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/179a88a8558bbf42991d361595281f3e45d7edfc
- https://git.kernel.org/stable/c/1e144b68208e98fd4602c842a7149ba5f41d87fb
- https://git.kernel.org/stable/c/26a32a212bc540f4773cd6af8cf73e967d72569c
- https://git.kernel.org/stable/c/657d7c215ca974d366ab1808213f716e1e3aa950
- https://git.kernel.org/stable/c/8afb1fabcec1929db46977e84baeee0cc0e79242
- https://git.kernel.org/stable/c/8cd7dbc9c46d51e00a0a8372e07cc1cbb8d24a77
- https://git.kernel.org/stable/c/b64305185b76f1d5145ce594ff48f3f0e70695bd
- https://git.kernel.org/stable/c/b7d854c33ab48e55fc233699bbefe39ec9bb5c05
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.23