SB20251230316 - Input validation error in Linux kernel cpuidle driver
Published: December 30, 2025
Security Bulletin ID
SB20251230316
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2023-54267)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pseries_idle_probe() function in drivers/cpuidle/cpuidle-pseries.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2935443dc9c28499223d8c881474259e4b998f2a
- https://git.kernel.org/stable/c/3c5e8e666794d7dde6d14ea846c6c04f2bb34900
- https://git.kernel.org/stable/c/4c8568cf4c45b415854195c8832b557cdefba57a
- https://git.kernel.org/stable/c/953c54dfdc5d3eb7243ed902b50acb5ea1db4355
- https://git.kernel.org/stable/c/eac030b22ea12cdfcbb2e941c21c03964403c63f
- https://git.kernel.org/stable/c/f45ee5c074013a0fbfce77a5af5efddb01f5d4f4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3