SB2025050468 - Input validation error in Linux kernel ipv6 ila
Published: May 4, 2025 Updated: May 10, 2025
Security Bulletin ID
SB2025050468
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2023-53141)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ila_xlat_nl_cmd_get_mapping() function in net/ipv6/ila/ila_xlat.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/25b54f247ea060aeb85ec88a82c75060fca03521
- https://git.kernel.org/stable/c/42d9ed4e5dc5f87fbd67c232e2e4a9b88ceeb47f
- https://git.kernel.org/stable/c/60fe7cb483c8c5dcadaeeac867251d6e59c7badc
- https://git.kernel.org/stable/c/693aa2c0d9b6d5b1f2745d31b6e70d09dbbaf06e
- https://git.kernel.org/stable/c/783f218940b3c7b872e4111d0145000f26ecbdf6
- https://git.kernel.org/stable/c/91aceb3844d4aec555c7f423f9fd843eff5835e9
- https://git.kernel.org/stable/c/b26bc5861505f04dea933ca3e522772b20fa086f
- https://git.kernel.org/stable/c/c631e52aea0fc8d4deea06e439f5810a8b40ad0f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.278