SB20251001100 - Incorrect calculation in Linux kernel net xen-netback driver
Published: October 1, 2025 Updated: October 27, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Incorrect calculation (CVE-ID: CVE-2023-53502)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an incorrect calculation within the xenvif_get_requests() function in drivers/net/xen-netback/netback.c.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/11e6919ae028b5de1fc48007354ea07069561b31
- https://git.kernel.org/stable/c/534fc31d09b706a16d83533e16b5dc855caf7576
- https://git.kernel.org/stable/c/b14a3924c2675c22e07a5a190223b6b6cdc2867d
- https://git.kernel.org/stable/c/bc7b9a6c2ca42b116b0f24dbaa52b5a07d96d1d6
- https://git.kernel.org/stable/c/cf482893f721f76ac60c0a43482a59b2f194156b
- https://git.kernel.org/stable/c/e1142d87c185c7d7bbf05d175754638b5b9dbf16
- https://git.kernel.org/stable/c/f9167a2d6b943f30743de6ff8163d1981c34f9a9
- https://git.kernel.org/stable/c/fa5b932b77c815d0e416612859d5899424bb4212
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.44