CVE-2023-53442
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-12-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changing devlink mode to switchdev mode, and check if switchdev is active when enabling ADQ.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-18
Last Modified
2025-12-11
Generated
2026-06-16
AI Q&A
2025-09-18
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53442
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.16 (inc) to 6.1.47 (exc)
linux linux_kernel From 6.2 (inc) to 6.4.12 (exc)
linux linux_kernel 6.5
linux linux_kernel 6.5
linux linux_kernel 6.5
linux linux_kernel 6.5
linux linux_kernel 6.5
linux linux_kernel 6.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel where the ice driver allows both ADQ (Application Device Queues) and switchdev mode to be enabled simultaneously, which is not supported. Enabling both at the same time can cause a nullptr dereference, leading to potential kernel crashes or instability. The fix involves checking if ADQ is active before switching to switchdev mode and vice versa to prevent this condition.

Impact Analysis

If this vulnerability is triggered, it can cause a nullptr dereference in the Linux kernel, which may lead to system crashes, instability, or denial of service. This can affect the reliability and availability of systems using the ice driver with ADQ and switchdev features enabled simultaneously.

Mitigation Strategies

To mitigate this vulnerability, ensure that ADQ and switchdev modes are not enabled simultaneously on your Linux system. Specifically, check if ADQ is active before switching to switchdev mode, and verify that switchdev is not active before enabling ADQ. This prevents the nullptr dereference issue caused by enabling both modes at the same time.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53442. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart