SB20251230229 - NULL pointer dereference in Linux kernel of driver
Published: December 30, 2025 Updated: December 30, 2025
Security Bulletin ID
SB20251230229
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2023-54178)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_unittest_find_node_by_name() and attach_node_and_children() functions in drivers/of/unittest.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0b7d715511915a1b39f5fdcbe57a7922dfd66513
- https://git.kernel.org/stable/c/2dd8ee9de71ad8447f8459fb01dade7f6c7132da
- https://git.kernel.org/stable/c/43cc228099c514467b8074d7ede6673cef9f33b9
- https://git.kernel.org/stable/c/c364fa869b33ca42a263bf91c22fce7e6c61d479
- https://git.kernel.org/stable/c/c74ae8124f9687062dd99858f34c9d027ddd73da
- https://git.kernel.org/stable/c/d6ce4f0ea19c32f10867ed93d8386924326ab474
- https://git.kernel.org/stable/c/dadf0d0dfcc81cdcb27ba5426676d13a9e4fb925
- https://git.kernel.org/stable/c/ea5bc6f5aa099e3e84d037282836234ad77cba88
- https://git.kernel.org/stable/c/f41c65f8d05be734898cbe72af59a401b97d298a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195