Arithmetic Overflow Vulnerability in Linux Kernel Affecting Network Driver
CVE-2023-53661
Currently unrated
What is CVE-2023-53661?
An arithmetic overflow exists in the Linux kernel's bnxt network driver. The value of an arithmetic expression can overflow because its operands are not cast to a larger data type before the computation is performed. Using a macro for the multiplication instead of the direct operator avoids the overflow. The flaw was identified by Security Code and the Linux Verification Center, and it underlines the need for diligent coding practices in kernel development.
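The pattern described above, as an added example that is not taken from the bnxt driver or the kernel patch: a 32-bit product that wraps before it is stored in a 64-bit variable, beside a widening multiply macro and a bounds-checked variant. The macro `MUL_U32_WIDE`, the function names and the sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical widening multiply (not the kernel's macro): one operand is
 * cast to 64 bits first, so the product is computed in 64-bit arithmetic. */
#define MUL_U32_WIDE(a, b) ((uint64_t)(uint32_t)(a) * (uint32_t)(b))

/* Before: both operands are 32-bit, so the product wraps modulo 2^32
 * and only the wrapped value is widened by the assignment. */
uint64_t total_len_narrow(uint32_t count, uint32_t item_size)
{
    uint64_t len = count * item_size;
    return len;
}

/* After: the multiplication itself is performed in 64 bits. */
uint64_t total_len_wide(uint32_t count, uint32_t item_size)
{
    return MUL_U32_WIDE(count, item_size);
}

/* Widened product plus an upper bound: returns 0 and stores the length
 * when it fits within limit, -1 when the request is too large. */
int total_len_checked(uint32_t count, uint32_t item_size,
                      uint64_t limit, uint64_t *out)
{
    uint64_t len = MUL_U32_WIDE(count, item_size);

    if (len > limit)
        return -1;
    *out = len;
    return 0;
}

int main(void)
{
    /* Constructed sample values: 65536 * 65536 = 2^32. */
    uint32_t count = 0x10000u, item_size = 0x10000u;
    uint64_t len = 0;

    printf("narrow: %llu\n",
           (unsigned long long)total_len_narrow(count, item_size));
    printf("wide:   %llu\n",
           (unsigned long long)total_len_wide(count, item_size));
    printf("checked against UINT32_MAX: %d\n",
           total_len_checked(count, item_size, UINT32_MAX, &len));
    return 0;
}
```

The narrow version returns a length far smaller than the real product, which is how an undersized buffer or a bypassed size check follows from this class of bug.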
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 17e0453a7523ad7a25bb47af941b150a6c66d7b6