#VU115697 Input validation error in Linux kernel - CVE-2023-53331
Published: September 17, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115697
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-53331
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the persistent_ram_post_init() function in fs/pstore/ram_core.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/25fb4e3402d46f425ec135ef6f09792a4c1b3003
- https://git.kernel.org/stable/c/89312657337e6e03ad6e9ea1a462bd9c158c85c8
- https://git.kernel.org/stable/c/c807ccdd812d18985860504b503899f3140a9549
- https://git.kernel.org/stable/c/dc2f60de9a7d3efd982440117dab5579898d808c
- https://git.kernel.org/stable/c/e95d7a8a6edd14f8fab44c777dd7281db91f6ae2
- https://git.kernel.org/stable/c/e972231db29b5d1dccc13bf9d5ba55b6979a69ed
- https://git.kernel.org/stable/c/f77990358628b01bdc03752126ff5f716ea37615
- https://git.kernel.org/stable/c/fe8c3623ab06603eb760444a032d426542212021
- https://git.kernel.org/stable/c/fedecaeef88899d940b69368c996e8b3b0b8650d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132