Null Pointer Dereference in Linux Kernel Due to IPv6 Extended Header
CVE-2023-53343

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 17 September 2025

What is CVE-2023-53343?

A vulnerability in the Linux kernel affects the processing of packets that use link-local addresses in conjunction with IPv6 Extended Headers (RPL, SRv6, etc.). If the routing engine fails to find a viable route for such a packet, the kernel can reach a null pointer dereference where the input device is misconfigured. This can result in a system crash or unexpected behavior during packet processing. Null pointers need proper handling in these scenarios, as the flaw may affect the stability and security of systems reliant on IPv6 networking.

Affected Version(s)

Linux 4832c30d5458387ff2533ff66fbde26ad8bb5a2d < 8803c59fde4dd370a627dfbf7183682fa0cabf70

Linux 4832c30d5458387ff2533ff66fbde26ad8bb5a2d < 61b4c4659746959056450b92a5d7e6bc1243b31b

Linux 4832c30d5458387ff2533ff66fbde26ad8bb5a2d
