SB2025122624 - Memory leak in Linux kernel tty serial driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122624
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-54136)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the sprd_rx_free_buf() and sprd_probe() functions in drivers/tty/serial/sprd_serial.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0237f913694d57bcd7e0e7ae6f255b648a1c42a7
- https://git.kernel.org/stable/c/4ee715e54e255b1be65722f715fca939d5c2ca7a
- https://git.kernel.org/stable/c/6d209ed70f9c388727995aaece1f930fe63d402b
- https://git.kernel.org/stable/c/9a26aaea6c212ea26bab159933dbfd3321a491f6
- https://git.kernel.org/stable/c/c65be6ad55e5e45f8c4e40e1d8d7fe0e21b26e77
- https://git.kernel.org/stable/c/cd119fdc3ee1450fbf7f78862b5de44c42b6e47f
- https://git.kernel.org/stable/c/f34508d934c4f2efb6a85787fc37f42184dabadf
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132