Out-of-Bounds in Linux Kernel iavf Driver due to Channel Configuration
CVE-2023-53659

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 7 October 2025

What is CVE-2023-53659?

A vulnerability in the iavf driver of the Linux kernel can lead to out-of-bounds memory access during device removal. If the number of channels is set incorrectly during iavf_remove(), the system can exceed the range allocated for active queues. The result is undefined behavior and potential memory corruption, so system administrators should apply the appropriate kernel updates to prevent exploitation.

Affected Version(s)

Linux 1555d83ddbb7204ef60c58aee6ca3bbef2c5e99f

Linux 68d4274034e618b7f190dc9fbfc4f3436a7430f4 < 0fb37ce6c01e17839e26d03222f0b44e6a3ed2b9

Linux 4e5e6b5d9d1334d3490326b6922a2daaf56a867f < 6e1d8f1332076a002e6d910d255aa5903d341c56
