Linux Kernel Vulnerability in RDMA/cma - Multicast Join Restrictions
CVE-2023-53525

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53525?

A vulnerability in the Linux kernel's RDMA/cma component allows the user Datagram (UD) queue pair type to join multicast groups without properly initializing key parameters. An uninitialized value access can lead to undefined behavior, potentially compromising the security and stability of the system. This vulnerability highlights the necessity for stricter controls on multicast join requests to prevent exploitation and ensure the integrity of data communication within the kernel's networking stack.

Affected Version(s)

Linux b5de0c60cc30c2a3513c7188c73f3f29acc29234

Linux b5de0c60cc30c2a3513c7188c73f3f29acc29234 < 48e8e7851dc0b1584d83817a78fc7108c8904b54

Linux b5de0c60cc30c2a3513c7188c73f3f29acc29234 < 02eabb635bc64bd1e3a7cf887d6d182bffb64b99

References

https://git.kernel.org/stable/c/ae11498851423d6de27aebfe1...

https://git.kernel.org/stable/c/48e8e7851dc0b1584d83817a7...

https://git.kernel.org/stable/c/02eabb635bc64bd1e3a7cf887...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON