CVE-2023-53516
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2026-04-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLA_MACVLAN_BC_CUTOFF to allow broadcast cutfoff. However, it forgot to describe the nla_policy at macvlan_policy (drivers/net/macvlan.c). Hence, this suppose NLA_S32 (4 bytes) integer can be faked as empty (0 bytes) by a malicious user, which could leads to OOB in heap just like CVE-2023-3773. To fix it, this commit just completes the nla_policy description for IFLA_MACVLAN_BC_CUTOFF. This enforces the length check and avoids the potential OOB read.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2026-04-06
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53516
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's macvlan driver involves a missing policy definition (nla_policy) for the IFLA_MACVLAN_BC_CUTOFF attribute. Without this policy, a malicious user can send a malformed netlink message with this attribute as empty (0 bytes) instead of the expected 4-byte integer, potentially causing an out-of-bounds (OOB) read in the heap memory, similar to a previous vulnerability CVE-2023-3773. The fix adds the missing policy to enforce proper length checks and prevent this OOB read.

Impact Analysis

This vulnerability can allow a malicious user to cause an out-of-bounds read in kernel heap memory by sending malformed netlink messages to the macvlan driver. This could potentially lead to system instability, crashes, or information disclosure due to improper memory access.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53516. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart