CVE-2023-53499
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in virtnet_open(), some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled NAPI, which is not the expected behavior. Need to roll back the previous rq initialization to avoid leaks in error unwinding of init code. Also extract helper functions of disable and enable queue pairs. Use newly introduced disable helper function in error unwinding and virtnet_close. Use enable helper function in virtnet_open.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53499
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's virtio_net driver during the initialization of XDP (eXpress Data Path) in the virtnet_open() function. If an error happens while initializing some receive queues (rqs) for XDP, the network device fails to open. However, previously initialized rqs remain active with XDP and NAPI enabled, which is unintended. This improper error handling can lead to resource leaks because the initialization is not properly rolled back when an error occurs.

Impact Analysis

The vulnerability can cause resource leaks in the network driver due to incomplete rollback of XDP initialization on error. This may lead to instability or unexpected behavior in the network device, such as failure to open the device properly or potential performance degradation due to leftover active queues.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53499. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart