PT-2025-49712 · Linux+2 · Linux Kernel+2

Published: 2025-12-09 · Updated: 2026-03-24 · CVE-2023-53821

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.4.0-next-20230707-00001-g84e2cad7f979

Description

The Linux kernel contains a flaw in the IPv6 VTI module, specifically in the decode_session6 function, that can lead to a slab-use-after-free condition. The issue occurs when an IPv6 VTI device is configured with an sfb qdisc, which may modify the cb field of a sent skb during enqueuing. A slab-use-after-free may then occur when the IPv6 VTI device transmits IPv6 packets. The root cause is that the cb field in the skb is not properly initialized before packet transmission.

Recommendations

Update to version 6.4.0-next-20230707-00001-g84e2cad7f979 or a later version to address this issue.

Related Identifiers

CVE-2023-53821
OESA-2026-1075
OESA-2026-1231
RHSA-2024:2394
RHSA-2024:3138
RHSA-2026:3267
RHSA-2026:3268
RHSA-2026:3277
RHSA-2026:3293
RHSA-2026:3358
RHSA-2026:3360
RHSA-2026:3375
RHSA-2026:3388
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1

Affected Products

CentOS
Linux Kernel
Red Hat