CVE-2023-53559
Published: Oct 4, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

ip_vti: fix potential slab-use-after-free in decode_session6

When an ip_vti device is set to a qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then a slab-use-after-free may occur when the ip_vti device sends IPv6 packets. As commit f855691975bb ("xfrm6: Fix the nexthdr offset in _decode_session6.") showed, xfrm_decode_session was originally intended only for the receive path. IP6CB(skb)->nhoff is not set during transmission. Therefore, set the cb field in the skb to 0 before sending packets.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected f855691975bb06373a98711e4cfe2c224244b536 - < 82fb41c5de243e7dfa90f32ca58e35adaff56c1d; affected f855691975bb06373a98711e4cfe2c224244b536 - < 7dfe23659f3677c08a60a0056cda2d91a79c15ca; affected f855691975bb06373a98711e4cfe2c224244b536 - < d34c30442d5e53a33cde79ca163320dbe2432cbd; affected f855691975bb06373a98711e4cfe2c224244b536 - < 0b4d69539fdea138af2befe08893850c89248068; affected f855691975bb06373a98711e4cfe2c224244b536 - < e1e04cc2ef2c0c0866c19f5627149a76c2baae32; +3 more versions |
| Linux | Linux | affected 3.19; unaffected 0 - < 3.19; unaffected 4.14.324 - <= 4.14.*; unaffected 4.19.293 - <= 4.19.*; unaffected 5.4.255 - <= 5.4.*; +5 more versions |
References