CVE-2023-53600
BaseFortify
Publication date: 2025-10-04
Last updated on: 2026-03-23
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.2 (inc) to 6.4.11 (inc) |
| iperf3 | iperf3 | * |
| linux | linux_kernel | 6.5.0-rc3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's handling of network tunnels. When the kernel emits an ICMP error in response to a packet held in a nonlinear socket buffer (skb), it calls ip_compute_csum(), which cannot handle nonlinear skbs. The result is a slab-out-of-bounds memory read, detected by KASAN (Kernel Address Sanitizer), that causes the kernel to crash or become unstable. The fix avoids calling ip_compute_csum() on nonlinear skbs, which prevents the error.
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to crash or become unstable when processing certain network packets, specifically when generating ICMP errors for nonlinear socket buffers. This can lead to denial of service conditions, where network communication is disrupted or the system becomes unresponsive.