SB20251230312 - Input validation error in Linux kernel drivers dma
Published: December 30, 2025
Security Bulletin ID
SB20251230312
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2023-54255)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dma_find_base(), dma_base_addr() and sh_dmac_get_dma_residue() functions in arch/sh/drivers/dma/dma-sh.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/196f6c71905aa384c0177acf194a1144d480333b
- https://git.kernel.org/stable/c/479380acfa63247b5ac62476138f847aefc62692
- https://git.kernel.org/stable/c/4989627157735c1f1619f08e5bc1592418e7c878
- https://git.kernel.org/stable/c/8fb11fa4805699c6b73a9c8a9d45807f9874abe3
- https://git.kernel.org/stable/c/bca700b48c72f4ffeee977a2ed0eb4a6b4b7b8ad
- https://git.kernel.org/stable/c/d1c946552af299f4fa85bf7da15e328123771128
- https://git.kernel.org/stable/c/e82e47584847129a20b8c9f4a1dcde09374fb0e0
- https://git.kernel.org/stable/c/e9e33faea104381bac80ac79328f0540fc2969f2
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.4