PT-2025-18817 · Linux+3 · Linux Kernel+3

Published

2023-03-20

Updated

2026-01-28

CVE-2023-53053

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version

Description A vulnerability in the Linux kernel has been resolved. The issue is related to the use of skb mac header() in ndo start xmit(). Drivers should not assume skb mac header(skb) == skb->data in their ndo start xmit(). Instead, skb network offset() and skb transport offset() should be used, which better describe what is needed in erspan fb xmit() and ip6erspan tunnel xmit(). A warning was reported by syzbot, indicating a potential issue in the ip6erspan tunnel xmit() function.

Recommendations As a temporary workaround, consider disabling the ip6erspan tunnel xmit() function until a patch is available. Update to a version of the Linux kernel that includes the fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

ALSA-2025_16880

BDU:2025-06767

CVE-2023-53053

OESA-2025-1726

RHSA-2023:6583

RHSA-2023_6583

Affected Products

Astra Linux

Linux Kernel

Red Hat

Red Os

PT-2025-18817 · Linux+3 · Linux Kernel+3

CVE-2023-53053

Weakness Enumeration

Related Identifiers

Affected Products

References · 38