SB20250327138 - Improper locking in Linux kernel mm
Published: March 27, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250327138
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2023-52932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pr_debug() function in mm/swapfile.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/29f0349c5c76b627fe06b87d4b13fa03a6ce8e64
- https://git.kernel.org/stable/c/30187be29052bba9203b0ae2bdd815e0bc2faaab
- https://git.kernel.org/stable/c/387217b97e99699c34e6d95ce2b91b327fcd853e
- https://git.kernel.org/stable/c/49178d4d61e78aed8c837dfeea8a450700f196e2
- https://git.kernel.org/stable/c/5dbe1ebd56470d03b78fc31491a9e4d433106ef2
- https://git.kernel.org/stable/c/7717fc1a12f88701573f9ed897cc4f6699c661e3
- https://git.kernel.org/stable/c/d49c85a1913385eed46dd16a25ad0928253767f0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.232