PT-2025-40207 · Linux+1 · Linux Kernel+1

Published: 2023-07-10 · Updated: 2025-12-04 · CVE-2023-53500

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.4.0-next-20230707 #409

Description

The Linux kernel contains a flaw in the xfrm subsystem, specifically within the decode_session6 function. When the xfrm device is configured with a qdisc of the sfb type, the cb field of a sent skb (socket buffer) may be altered during enqueuing. This can lead to a slab-use-after-free condition when the xfrm device transmits IPv6 packets. The issue occurs because the cb field is not properly initialized before packet transmission, potentially causing memory corruption. The stack trace indicates the issue is triggered during IPv6 packet processing, specifically within the ndisc_send_rs function related to neighbor discovery.

Recommendations

Update the Linux kernel to version 6.4.0-next-20230707 #409 or a later version that includes the fix.

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2025-12790
CVE-2023-53500
OESA-2025-2659
SUSE-SU-2025:03600-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4111-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4135-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4188-1
SUSE-SU-2025:4320-1

Affected Products

Linux Kernel
Suse