#VU120871 Input validation error in Linux kernel - CVE-2023-54267
Published: December 30, 2025
Vulnerability identifier: #VU120871
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-54267
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pseries_idle_probe() function in drivers/cpuidle/cpuidle-pseries.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/2935443dc9c28499223d8c881474259e4b998f2a
- https://git.kernel.org/stable/c/3c5e8e666794d7dde6d14ea846c6c04f2bb34900
- https://git.kernel.org/stable/c/4c8568cf4c45b415854195c8832b557cdefba57a
- https://git.kernel.org/stable/c/953c54dfdc5d3eb7243ed902b50acb5ea1db4355
- https://git.kernel.org/stable/c/eac030b22ea12cdfcbb2e941c21c03964403c63f
- https://git.kernel.org/stable/c/f45ee5c074013a0fbfce77a5af5efddb01f5d4f4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3