PT-2025-49482 · Linux · Linux Kernel

Published: 2025-12-08 · Updated: 2026-03-24 · CVE-2023-53752
Severity: None. No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.39
Description: The Linux kernel contained an integer-truncation bug in kmalloc_reserve(), the helper in net/core/skbuff.c that allocates the data area of an sk_buff, which could lead to crashes. If the size passed to kmalloc_reserve() was 0x80000001 or larger, kmalloc_size_roundup() rounded it up to 2^32; storing that 64-bit result back into a 32-bit (unsigned int) size variable silently truncated it to 0. The code then called kmalloc(0), which in the kernel does not fail but returns the non-NULL ZERO_SIZE_PTR sentinel, so the subsequent skbuff construction proceeded on a zero-length buffer and crashed. The issue was identified through reports from syzbot and Kyle Zeng. It could be triggered by setting a network device's MTU (netdev->mtu) close to 0x7fffffff, which pushes the requested buffer size past the 0x80000000 boundary once the skb head overhead is added.
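As an added example that is not part of this advisory or of the kernel source, the following userspace C program models the arithmetic described above: the rounding helper's unbounded page-order path, the 32-bit store that truncates 2^32 to 0, and a hardened variant that keeps the rounded value in size_t and rejects anything that does not fit. All function names and constants in it (model_*, vulnerable_*, hardened_*, mtu_truncates_size, the slab-bucket ceiling and the skb head overhead) are assumptions made for the model, not kernel identifiers; it assumes a 64-bit size_t and 4 KiB pages.

```c
/*
 * Added example, not part of the advisory and not kernel code: a userspace
 * model of the size-rounding truncation behind CVE-2023-53752. Every name
 * and constant below is an assumption for the model, not a kernel identifier.
 * Assumes 64-bit size_t (LP64) and 4 KiB pages.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_PAGE_SHIFT 12
#define MODEL_PAGE_SIZE ((size_t)1 << MODEL_PAGE_SHIFT)
/* Assumed ceiling of the slab buckets; larger requests round to page orders. */
#define MODEL_SLAB_MAX ((size_t)1 << 13)
/* Assumed per-buffer overhead that the skb head adds on top of the MTU. */
#define ASSUMED_SKB_HEAD_OVERHEAD 320u

/* Smallest page order whose span covers size (size >= 1). */
static unsigned int model_get_order(size_t size)
{
    unsigned int order = 0;

    size = (size - 1) >> MODEL_PAGE_SHIFT;
    while (size) {
        order++;
        size >>= 1;
    }
    return order;
}

/* Model of the rounding helper as it behaved in the affected kernels: above
 * the slab buckets it returns page_size << get_order(size) with no upper
 * bound, so any size in (0x80000000, 0x100000000] becomes exactly 2^32. */
static size_t model_kmalloc_size_roundup(size_t size)
{
    size_t bucket = 8;

    if (size == 0)
        return 0;
    if (size > MODEL_SLAB_MAX)
        return MODEL_PAGE_SIZE << model_get_order(size);
    /* Power-of-two buckets stand in for the real slab size classes. */
    while (bucket < size)
        bucket <<= 1;
    return bucket;
}

/* Vulnerable pattern: the 64-bit rounded value is stored back into the
 * caller's 32-bit size. For 0x80000001 and up the stored size is 0, and
 * the caller goes on to allocate a zero-length buffer. */
static unsigned int vulnerable_reserve_size(unsigned int size)
{
    /* The kernel did this through a plain assignment to an unsigned int;
     * the explicit cast only makes the truncation visible here. */
    return (unsigned int)model_kmalloc_size_roundup(size);
}

/* Hardened pattern: keep the rounded value in size_t and refuse to return
 * anything that does not fit in the 32-bit size the callers use. */
static bool hardened_reserve_size(unsigned int size, unsigned int *out)
{
    size_t obj_size = model_kmalloc_size_roundup(size);

    if (obj_size == 0 || obj_size > UINT32_MAX)
        return false;          /* caller treats this as allocation failure */
    *out = (unsigned int)obj_size;
    return true;
}

/* The reported trigger: an MTU near 0x7fffffff plus the skb head overhead
 * crosses 0x80000000, which is enough to round up to 2^32. */
static bool mtu_truncates_size(unsigned int mtu)
{
    return vulnerable_reserve_size(mtu + ASSUMED_SKB_HEAD_OVERHEAD) == 0;
}

int main(void)
{
    unsigned int fitted = 0;
    unsigned int mtu = 0x7fffffffu;

    printf("rounded(0x80000001) = 0x%zx\n",
           model_kmalloc_size_roundup(0x80000001u));
    printf("vulnerable stored size = %u\n",
           vulnerable_reserve_size(0x80000001u));
    printf("hardened accepts 0x80000001: %s\n",
           hardened_reserve_size(0x80000001u, &fitted) ? "yes" : "no");
    printf("mtu 0x%x truncates to zero: %s\n", mtu,
           mtu_truncates_size(mtu) ? "yes" : "no");
    return 0;
}
```

Build with `cc -Wall -o roundup roundup.c && ./roundup`. The vulnerable path reports a stored size of 0 for 0x80000001 while the hardened path rejects the same request, and an MTU of 0x7fffffff is enough to reach the truncating case once the head overhead is added. The check to carry into real code is the one in hardened_reserve_size: do the rounding in the wide type and compare against the narrow type's maximum before storing, rather than trusting a later allocation call to fail on a size that has already been mangled.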
Recommendations: Update to Linux kernel version 6.1.39 or later.

Exploit

Related Identifiers

CVE-2023-53752
RHSA-2024:9315
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1

Affected Products

Linux Kernel