QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-53365

Back to search

CVE-2023-53365

Published: Sep 17, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:192! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Workqueue: ipv6_addrconf addrconf_dad_work RIP: 0010:skb_panic+0x152/0x1d0 Call Trace: <TASK> skb_push+0xc4/0xe0 ip6mr_cache_report+0xd69/0x19b0 reg_vif_xmit+0x406/0x690 dev_hard_start_xmit+0x17e/0x6e0 __dev_queue_xmit+0x2d6a/0x3d20 vlan_dev_hard_start_xmit+0x3ab/0x5c0 dev_hard_start_xmit+0x17e/0x6e0 __dev_queue_xmit+0x2d6a/0x3d20 neigh_connected_output+0x3ed/0x570 ip6_finish_output2+0x5b5/0x1950 ip6_finish_output+0x693/0x11c0 ip6_output+0x24b/0x880 NF_HOOK.constprop.0+0xfd/0x530 ndisc_send_skb+0x9db/0x1400 ndisc_send_rs+0x12a/0x6c0 addrconf_dad_completed+0x3c9/0xea0 addrconf_dad_work+0x849/0x1420 process_one_work+0xa22/0x16e0 worker_thread+0x679/0x10c0 ret_from_fork+0x28/0x60 ret_from_fork_asm+0x11/0x20 When setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit(). reg_vif_xmit() ip6mr_cache_report() skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4 And skb_push declared as: void *skb_push(struct sk_buff *skb, unsigned int len); skb->data -= len; //0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850 skb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.

VendorProductVersions

Linux

Linux

affected
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d - < a96d74d1076c82a4cef02c150d9996b21354c78d
affected
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d - < 8382e7ed2d63e6c2daf6881fa091526dc6c879cd
affected
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d - < 0438e60a00d4e335b3c36397dbf26c74b5d13ef0
affected
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d - < 1683124129a4263dd5bce2475bab110e95fa0346
affected
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d - < 1bb54a21f4d9b88442f8c3307c780e2db64417e4

+3 more versions

Linux

Linux

affected
2.6.26
unaffected
0 - < 2.6.26
unaffected
4.14.322 - <= 4.14.*
unaffected
4.19.291 - <= 4.19.*
unaffected
5.4.253 - <= 5.4.*

+5 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now