SB2025091884 - Improper error handling in Linux kernel trace
Published: September 18, 2025 Updated: September 22, 2025
Security Bulletin ID
SB2025091884
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2023-53368)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tracing_snapshot_open() and tracing_snapshot_write() functions in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3163f635b20e9e1fb4659e74f47918c9dddfe64e
- https://git.kernel.org/stable/c/37ca1b686078b00cc4ffa008e2190615f7709b5d
- https://git.kernel.org/stable/c/6182318ac04648b46db9d441fd7d696337fcdd0b
- https://git.kernel.org/stable/c/74c85396bd73eca80b96510b4edf93b9a3aff75f
- https://git.kernel.org/stable/c/89c89da92a60028013f9539be0dcce7e44405a43
- https://git.kernel.org/stable/c/90e037cabc2c2dfc39b3dd9c5b22ea91f995539a
- https://git.kernel.org/stable/c/c5d30d6aa83d99fba8dfdd9cf6c4e4e7a63244db
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195