Buffer Overflow in Linux Kernel Affecting Netfilter Conntrack
CVE-2023-53333

7.1HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2023-53333?

The vulnerability within the Linux kernel's netfilter conntrack subsystem allows for a buffer overflow due to inadequate handling of DCCP packet headers. The function nf_conntrack_dccp_packet fails to properly validate the size of incoming headers before copying them to the stack, potentially leading to out-of-bounds memory access. This security flaw could be exploited by malicious packets, allowing for further attacks or system instability. A fix has been implemented to expand the stack buffer and validate additional packet parameters, reinforcing the security measures for connection tracking.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 2bc780499aa33311ec0f3e42624dfaa7be0ade5e < 337fdce450637ea663bc816edc2ba81e5cdad02e

Linux 2bc780499aa33311ec0f3e42624dfaa7be0ade5e < 9bdcda7abaf22f6453e5b5efb7eb4e524095d5d8

Linux 2bc780499aa33311ec0f3e42624dfaa7be0ade5e

References

https://git.kernel.org/stable/c/337fdce450637ea663bc816ed...

https://git.kernel.org/stable/c/9bdcda7abaf22f6453e5b5efb...

https://git.kernel.org/stable/c/c052797ac36813419ad3bfa54...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025

JSON

Linux