SB20251230288 - Race condition within a thread in Linux kernel net
Published: December 30, 2025 Updated: December 30, 2025
Security Bulletin ID
SB20251230288
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Race condition within a thread (CVE-ID: CVE-2023-54218)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the include/net/sock.h. A local user can corrupt data.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/564c3150ad357d571a0de7d8b644aa1f7e6e21b7
- https://git.kernel.org/stable/c/7145f2309d649ad6273b9f66448321b9b4c523c8
- https://git.kernel.org/stable/c/8319220054e5ea5f506d8d4c4b5e234f668ffc3b
- https://git.kernel.org/stable/c/d06f67b2b8dcd00d995c468428b6bccebc5762d8
- https://git.kernel.org/stable/c/d7343f8de019ebb55b2b6ef79b971f6ceb361a99
- https://git.kernel.org/stable/c/de260d1e02cde39d317066835ee6e5234fc9f5a8
- https://git.kernel.org/stable/c/dfd9248c071a3710c24365897459538551cb7167
- https://git.kernel.org/stable/c/fd28692fa182d25e8d26bc1db506648839fde245
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.316