VLAN Device Vulnerability in Linux Kernel Affecting Network Performance
CVE-2023-53365

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2023-53365?

A flaw in the Linux kernel's handling of VLAN devices can lead to memory corruption when a Duplicate Address Detection (DAD) Neighbor Solicitation packet is sent. The issue arises during the execution of function calls like reg_vif_xmit() and ip6mr_cache_report(), which manipulate the sk_buff structure to incorrectly set buffer data pointers. This mismanagement can result in a crash or instability in network performance, highlighting the need for immediate attention to affected kernel versions. Patch releases address this problem, ensuring better stability and reliability in network device operations.

Affected Version(s)

Linux 14fb64e1f449ef6666f1c3a3fa4e13aec669b98d

Linux 14fb64e1f449ef6666f1c3a3fa4e13aec669b98d < 8382e7ed2d63e6c2daf6881fa091526dc6c879cd

Linux 14fb64e1f449ef6666f1c3a3fa4e13aec669b98d < 0438e60a00d4e335b3c36397dbf26c74b5d13ef0

References

https://git.kernel.org/stable/c/a96d74d1076c82a4cef02c150...

https://git.kernel.org/stable/c/8382e7ed2d63e6c2daf6881fa...

https://git.kernel.org/stable/c/0438e60a00d4e335b3c36397d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 17, 2025