Null Pointer Dereference in Linux Kernel Affecting Multiple Distributions
CVE-2023-53250

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 September 2025

What is CVE-2023-53250?

A null pointer dereference vulnerability has been identified in the Linux kernel, specifically in the dmi-sysfs module, which can lead to kernel panic and system instability. This issue arises during memory deallocation processes due to incorrect handling of list structures, resulting in failure to properly delete uninitialized list heads. The vulnerability was addressed by adjusting error handling routines to ensure that operations on list structures are safely managed. Users are advised to update their systems to mitigate potential risks associated with this flaw.

Affected Version(s)

Linux fdffa4ad8f6bf1ece877edfb807f2b2c729d8578

Linux 660ba678f9998aca6db74f2dd912fa5124f0fa31

Linux 660ba678f9998aca6db74f2dd912fa5124f0fa31 < 5d0492d1d934642bdfd2057acc1b56f4b57be465

References

https://git.kernel.org/stable/c/b4fe158259fb5fead52ff2b55...

https://git.kernel.org/stable/c/e851996b32264e78a10863c2a...

https://git.kernel.org/stable/c/5d0492d1d934642bdfd2057ac...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 15, 2025