SB2025121020 - Memory leak in Linux kernel kcm
Published: December 10, 2025 Updated: December 12, 2025
Security Bulletin ID
SB2025121020
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-53825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1ce8362b4ac6b8e65fd04a22ea37ec776ee1ec5b
- https://git.kernel.org/stable/c/21b467735b0888a8daa048f83d3b9b50fdab71ce
- https://git.kernel.org/stable/c/2e18493c421428a936946c452461b8e979088f17
- https://git.kernel.org/stable/c/55d2e7c1ab8eaa7b62575b8a4194132795d1f9fc
- https://git.kernel.org/stable/c/992b2ac783aad360b98ed9d4686e86176a20f6f1
- https://git.kernel.org/stable/c/a22730b1b4bf437c6bbfdeff5feddf54be4aeada
- https://git.kernel.org/stable/c/d4b8f380b0a041ee6a84fdac14127d8fe1dcad7b
- https://git.kernel.org/stable/c/e5b28ce127a690f3acc49a6a342e6c9442c9edd6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.54