SB20251226221 - NULL pointer dereference in Linux kernel ipv6
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226221
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-54004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the function in net/ipv6/udplite.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2a112f04629f7839e7cb509b27b8d3b735afe255
- https://git.kernel.org/stable/c/387bd0a3af3bdd2b16f8dbef0c9fcccac63000a4
- https://git.kernel.org/stable/c/5014b64e369bdf997935b132a1ac4d64b6e47ad4
- https://git.kernel.org/stable/c/7e3ae83371a4809da6fa3f10ccc430eecef3034a
- https://git.kernel.org/stable/c/ad42a35bdfc6d3c0fc4cb4027d7b2757ce665665
- https://git.kernel.org/stable/c/cc56de054d828935aa37734b479f82fa34b5f9bd
- https://git.kernel.org/stable/c/f04c8eaf45e7dcdfccba936506b1ec592a369fb9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.5