SB20251210114 - Improper locking in Linux kernel netlink
Published: December 10, 2025
Updated: December 12, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2023-53853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_recvmsg(), netlink_dump(), __netlink_dump_start() and netlink_native_seq_show() functions in net/netlink/af_netlink.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/02e7afd659a4c9ce1e98fc01ab4c510f3de1f0b3
- https://git.kernel.org/stable/c/1d5c8b01f1df0461256a6d75854ed806f50645a3
- https://git.kernel.org/stable/c/840a647499b093621167de56ffa8756dfc69f242
- https://git.kernel.org/stable/c/a115dadf8995b1730c36c474401d97355705cb88
- https://git.kernel.org/stable/c/a507022c862e10744a92c4bf5709775450a110ad
- https://git.kernel.org/stable/c/a939d14919b799e6fff8a9c80296ca229ba2f8a4
- https://git.kernel.org/stable/c/e25e9d8a210ed78bdf0f364576dbee13aefadbf8
- https://git.kernel.org/stable/c/f92557f79a60cb142258f5fa7194f327573fadd8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.181