SB2025100561 - Buffer overflow in Linux kernel bpf
Published: October 5, 2025
Updated: October 27, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2023-53577)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the put_cpu_map_entry(), cpu_map_kthread_stop(), cpu_map_bpf_prog_run() and __cpu_map_entry_alloc() functions in kernel/bpf/cpumap.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/640a604585aa30f93e39b17d4d6ba69fcb1e66c9
- https://git.kernel.org/stable/c/7a1178a3671b40746830d355836b72e47ceb2490
- https://git.kernel.org/stable/c/b44d28b98f185d2f2348aa3c3636838c316f889e
- https://git.kernel.org/stable/c/ecb45b852af5e88257020b88bea5ff0798d72aca
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10