#VU119531 Memory leak in Linux kernel - CVE-2023-53825
Published: December 10, 2025 / Updated: December 12, 2025
Vulnerability identifier: #VU119531
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-53825
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/1ce8362b4ac6b8e65fd04a22ea37ec776ee1ec5b
- https://git.kernel.org/stable/c/21b467735b0888a8daa048f83d3b9b50fdab71ce
- https://git.kernel.org/stable/c/2e18493c421428a936946c452461b8e979088f17
- https://git.kernel.org/stable/c/55d2e7c1ab8eaa7b62575b8a4194132795d1f9fc
- https://git.kernel.org/stable/c/992b2ac783aad360b98ed9d4686e86176a20f6f1
- https://git.kernel.org/stable/c/a22730b1b4bf437c6bbfdeff5feddf54be4aeada
- https://git.kernel.org/stable/c/d4b8f380b0a041ee6a84fdac14127d8fe1dcad7b
- https://git.kernel.org/stable/c/e5b28ce127a690f3acc49a6a342e6c9442c9edd6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.54