SB2025100884 - NULL pointer dereference in Linux kernel pci ac97
Published: October 8, 2025 Updated: October 26, 2025
Security Bulletin ID
SB2025100884
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-53648)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the snd_ac97_mixer() function in sound/pci/ac97/ac97_codec.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/09baf460dfba79ee6a0c72e68ccdbbba84d894df
- https://git.kernel.org/stable/c/228da1fa124470606ac19783e551f9d51a1e01b0
- https://git.kernel.org/stable/c/300e26e3e64880de5013eac8831cf44387ef752c
- https://git.kernel.org/stable/c/5f13d67027fa782096e6aee0db5dce61c4aeb613
- https://git.kernel.org/stable/c/79597c8bf64ca99eab385115743131d260339da5
- https://git.kernel.org/stable/c/809af7bb4219bdeef0dbb8b2ed700d6516d13fe9
- https://git.kernel.org/stable/c/d28b83252e150155b8b8c65b612c555e93c8b45f
- https://git.kernel.org/stable/c/e4cccff1e7ab6ea30995b6fbbb007d02647e025c
- https://git.kernel.org/stable/c/f923a582217b198b557756809ffe42ac0fad6adb
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188