PT-2025-38452 · Linux+3 · Linux Kernel+3
Published 2023-05-09 · Updated 2025-11-24
CVE-2023-53433
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.1.24-syzkaller
Description
A flaw was discovered in the Linux kernel related to the handling of VLAN packets. Specifically, the use of pskb_may_pull() instead of skb_header_pointer() in certain functions could lead to a kernel bug, potentially resulting in a system crash. The issue was identified through syzkaller testing and addressed by introducing the vlan_get_protocol_and_depth() helper function to clarify the intent and improve the handling of MAC headers.
Recommendations
Update the Linux kernel to version 6.1.24-syzkaller or later.
Exploit
Fix
Out of bounds Read
Affected Products
Astra Linux
Linux Kernel
Red Hat
Suse