CVE-2023-53516

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53516
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53516.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53516
Downstream
Related
Published
2025-10-01T11:46:03Z
Modified
2025-10-21T16:50:35.184272Z
Summary
macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF
Details

In the Linux kernel, the following vulnerability has been resolved:

macvlan: add forgotten nlapolicy for IFLAMACVLANBCCUTOFF

The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute named IFLAMACVLANBC_CUTOFF to allow broadcast cutfoff.

However, it forgot to describe the nlapolicy at macvlanpolicy (drivers/net/macvlan.c). Hence, this suppose NLA_S32 (4 bytes) integer can be faked as empty (0 bytes) by a malicious user, which could leads to OOB in heap just like CVE-2023-3773.

To fix it, this commit just completes the nlapolicy description for IFLAMACVLANBCCUTOFF. This enforces the length check and avoids the potential OOB read.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Fixed
79f44709aa7a744fbfbadd4aef678443290c6991
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Fixed
55cef78c244d0d076f5a75a35530ca63c92f4426

Affected versions

v6.*

v6.3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.5-rc1
v6.5-rc2

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@55cef78c244d0d076f5a75a35530ca63c92f4426",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "drivers/net/macvlan.c"
        },
        "id": "CVE-2023-53516-32e7c059",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "231896791926298199024504274134414468524",
                "44070784757935394698580541106425470984",
                "12085449980150389533260824347150222645",
                "185440807030940563390914203614160125923"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79f44709aa7a744fbfbadd4aef678443290c6991",
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "drivers/net/macvlan.c"
        },
        "id": "CVE-2023-53516-80ab9fba",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "231896791926298199024504274134414468524",
                "44070784757935394698580541106425470984",
                "12085449980150389533260824347150222645",
                "185440807030940563390914203614160125923"
            ]
        },
        "signature_type": "Line"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.4.8