SB20250916255 - Improper error handling in Linux kernel serial 8250 driver
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250916255
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2023-53176)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the serial8250_unregister_port() function in drivers/tty/serial/8250/8250_core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/04e82793f068d2f0ffe62fcea03d007a8cdc16a7
- https://git.kernel.org/stable/c/1ba5594739d858e524ff0f398ee1ebfe0a8b9d41
- https://git.kernel.org/stable/c/2c86a1305c1406f45ea780d06953c484ea1d9e6e
- https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c
- https://git.kernel.org/stable/c/8e596aed5f2f98cf3e6e98d6fe1d689f4a319308
- https://git.kernel.org/stable/c/af4d6dbb1a92ea424ad1ba1d0c88c7fa2345d872
- https://git.kernel.org/stable/c/c9e080c3005fd183c56ff8f4d75edb5da0765d2c
- https://git.kernel.org/stable/c/d5cd2928d31042a7c0a01464f9a8d95be736421d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.244