SB20251226122 - Use-after-free in Linux kernel mm
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226122
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2023-54113)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mem_dump_obj() function in mm/util.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0a22f9c17b1aa2a35b5eedee928f7841595b55cd
- https://git.kernel.org/stable/c/3f7a4e88e40e38c0b16a4bcb599b7b1d8c81440d
- https://git.kernel.org/stable/c/8fb1601ec0a2c4c34fc2170af767e5c2a6400573
- https://git.kernel.org/stable/c/c83ad36a18c02c0f51280b50272327807916987f
- https://git.kernel.org/stable/c/dddca4c46ec92f83449bc91dd199f46a89e066be
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16