SB2025122626 - Memory leak in Linux kernel md driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122626
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-54123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_geo(), setup_conf() and raid10_run() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/133008af833b4f2e021d2c294c29c70364a3f0ba
- https://git.kernel.org/stable/c/5cba3e26c073b535e4e3b825ea481fb29c53943b
- https://git.kernel.org/stable/c/6361b0592b46c465ac926c1f3105d66c30d9658b
- https://git.kernel.org/stable/c/7f673fa34c0e3f95ee951a1bbf61791164871d2e
- https://git.kernel.org/stable/c/b21019a220d9cac08819bb6c63000de9ee61eb9e
- https://git.kernel.org/stable/c/b6460f68c1cc95a80d089af402be501619f228e4
- https://git.kernel.org/stable/c/c9ac2acde53f5385de185bccf6aaa91cf9ac1541
- https://git.kernel.org/stable/c/e2fec8d95353a48634b085011626ba3ec8ab8b1c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2