PT-2025-18398 · Linux+6 · Linux Kernel+6

Published

2025-02-11

·

Updated

2026-04-20

·

CVE-2025-23144

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A vulnerability has been resolved in the Linux kernel related to the backlight LED driver. The issue occurs when the led sysfs enable function is called without holding the led access lock, which can lead to a warning and a call trace. The lockdep detects this problem when removing the LED backlight. To fix this, the led access lock must be held when calling led sysfs disable.
Recommendations As a temporary workaround, consider disabling the led sysfs enable() function until a patch is available. Restrict access to the led bl module to minimize the risk of exploitation. Avoid using the led sysfs disable() function in the affected kernel version until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

CWE-413

Related Identifiers

BDU:2025-12053
CVE-2025-23144
DLA-4178-1
DLA-4193-1
ECHO-972E-41B5-43DC
OESA-2025-1511
OESA-2025-1512
OESA-2025-1514
OESA-2025-1515
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu