SB20251001125 - Buffer overflow in Linux kernel block driver
Published: October 1, 2025 Updated: October 27, 2025
Security Bulletin ID
SB20251001125
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2023-53513)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nbd_set_size() and nbd_add_socket() functions in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/52851d0c3354b397c11d31dfeb8b2a2fc85a0002
- https://git.kernel.org/stable/c/55793ea54d77719a071b1ccc05a05056e3b5e009
- https://git.kernel.org/stable/c/fab766c8a1aff715bce7075aab40e780266f8e1a
- https://git.kernel.org/stable/c/ffb75ffaa68723276365d0f9d00b03362b750657
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4