PT-2025-53159 · Linux+1 · Linux Kernel+1
Published
2025-12-24
·
Updated
2025-12-25
·
CVE-2023-54082
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.5
Description
The Linux kernel contained a flaw in the
unix stream sendpage() function where a null pointer dereference could occur. This issue arose from attempting to add data to the last socket buffer (skb) in the peer's receive queue without proper locking. A race condition existed where unix stream sendpage() could access an skb that was being released by garbage collection, leading to a use-after-free condition. The issue was resolved with a patch that enforces locking of the peer's receive queue within the unix stream sendpage() function.Recommendations
Update to version 6.5 or later.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Debian
Linux Kernel