SB2025122627 - Memory leak in Linux kernel hfs
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122627
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-54130)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hfs_write_inode() function in fs/hfs/inode.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/45917be9f0af339a45b4619f31c902d37b8aed59
- https://git.kernel.org/stable/c/82725be426bce0a425cc5e26fbad61ffd29cff03
- https://git.kernel.org/stable/c/90e019006644dad35862cb4aa270f561b0732066
- https://git.kernel.org/stable/c/be01f35efa876eb81cebab2cb0add068b7280ef4
- https://git.kernel.org/stable/c/cb7a95af78d29442b8294683eca4897544b8ef46
- https://git.kernel.org/stable/c/cc2164ada548addfa8ee215196661c3afe0c5154
- https://git.kernel.org/stable/c/da23752d9660ba7a8ca6c5768fd8776f67f59ee7
- https://git.kernel.org/stable/c/f10defb0be6ac42fb6a97b45920d32da6bd6fde8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.87