VLAN Protocol Helper Vulnerability in Linux Kernel
CVE-2023-53433

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53433?

A vulnerability has been identified in the Linux kernel that involves improper handling of VLAN protocol data. The issue arises from the misleading use of the pskb_may_pull() function instead of the appropriate skb_header_pointer(). This oversight has potential implications for network packet processing, particularly for users relying on the skb structure for data manipulation. The introduction of the vlan_get_protocol_and_depth() helper function clarifies the intent and addresses the reliance on the readiness of the MAC header, thus enhancing network security. The vulnerability was detected by syzbot, highlighting vulnerabilities that could lead to unexpected behavior in packet transmission and processing.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 30d015f5ecd9ce5706ad18a4a0649f364e3e6f7b < 4188c5269475ac59d467b5814c5df02756f6d907

Linux 469aceddfa3ed16e17ee30533fae45e90f62efd8 < 34a5ee69ec6273f0aee79e7ce4d14afc83ca8122

Linux 469aceddfa3ed16e17ee30533fae45e90f62efd8 < 9dd9ffe118415b4ac1cebac43443000072bc8f46

References

https://git.kernel.org/stable/c/4188c5269475ac59d467b5814...
https://git.kernel.org/stable/c/34a5ee69ec6273f0aee79e7ce...
https://git.kernel.org/stable/c/9dd9ffe118415b4ac1cebac43...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.