CVE-2023-53499
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-02
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's virtio_net driver during the initialization of XDP (eXpress Data Path) in the virtnet_open() function. If an error happens while initializing some receive queues (rqs) for XDP, the network device fails to open. However, previously initialized rqs remain active with XDP and NAPI enabled, which is unintended. This improper error handling can lead to resource leaks because the initialization is not properly rolled back when an error occurs.
How can this vulnerability impact me? :
The vulnerability can cause resource leaks in the network driver due to incomplete rollback of XDP initialization on error. This may lead to instability or unexpected behavior in the network device, such as failure to open the device properly or potential performance degradation due to leftover active queues.