SB20251226235 - Improper locking in Linux kernel nsh
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB20251226235
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2023-54114)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nsh_gso_segment() function in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/02b20e0bc0c2628539e9e518dc342787c3332de2
- https://git.kernel.org/stable/c/2f88c8d38ecf5ed0273f99a067246899ba499eb2
- https://git.kernel.org/stable/c/435855b0831b351cb72cb38369ee33122ce9574c
- https://git.kernel.org/stable/c/6fbedf987b6b8ed54a50e2205d998eb2c8be72f9
- https://git.kernel.org/stable/c/c83b49383b595be50647f0c764a48c78b5f3c4f8
- https://git.kernel.org/stable/c/cb38e62922aa3991793344b5a5870e7291c74a44
- https://git.kernel.org/stable/c/cdd8160dcda1fed2028a5f96575a84afc23aff7d
- https://git.kernel.org/stable/c/d2309e0cb27b6871b273fbc1725e93be62570d86
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.284