SB2025100550 - Use of uninitialized resource in Linux kernel qrtr
Published: October 5, 2025
Updated: October 27, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Use of uninitialized resource (CVE-ID: CVE-2023-53578)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to the use of an uninitialized resource within the qrtr_endpoint_post() function in net/qrtr/af_qrtr.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/3814d211ff13ee35f2d9437439a6c7df58524137
- https://git.kernel.org/stable/c/6417070918de3bcdbe0646e7256dae58fd8083ba
- https://git.kernel.org/stable/c/8c9ce34a6ff2c544f96ce0b088e8fd3c1b9698c4
- https://git.kernel.org/stable/c/bef57c227b52c2bde00fad33556175d36d12cfa0
- https://git.kernel.org/stable/c/c6a796ee5a639ffb83c6e5469408cc2ec16cac6a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.108