CVE-2023-53516

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's macvlan implementation due to a missing netlink attribute policy for IFLA MACVLAN BC CUTOFF. A malicious user could potentially exploit this by providing a crafted input that bypasses length checks, leading to an out-of-bounds (OOB) read in heap memory, similar to CVE-2023-3773. The issue stems from the incomplete nla policy description for IFLA MACVLAN BC CUTOFF, allowing an attacker to manipulate the attribute's length.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

BDU:2025-12905

CVE-2023-53516

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Linux Kernel

Suse

CVE-2023-53516

Weakness Enumeration

Related Identifiers

Affected Products

References · 1408