Linux Kernel Vulnerability in macvlan Affected by Broadcast Cutoff
CVE-2023-53516

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53516?

A vulnerability in the Linux kernel's macvlan module involves the absence of a description for the nla_policy associated with the IFLA_MACVLAN_BC_CUTOFF attribute. This oversight allows a malicious user to manipulate the associated NLA_S32 (4 bytes) integer as empty (0 bytes), potentially leading to an out-of-bounds (OOB) read in the heap similar to previous vulnerabilities. The recent fix ensures complete nla_policy enforcement for IFLA_MACVLAN_BC_CUTOFF, preventing such exploitation by implementing necessary length checks.

Affected Version(s)

Linux 954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348 < 79f44709aa7a744fbfbadd4aef678443290c6991

Linux 954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348 < 55cef78c244d0d076f5a75a35530ca63c92f4426

Linux 6.4

References

https://git.kernel.org/stable/c/79f44709aa7a744fbfbadd4ae...

https://git.kernel.org/stable/c/55cef78c244d0d076f5a75a35...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON