Linux Kernel DSA Driver Unbinding Issue in Ocelot Tagging Protocol
CVE-2023-53855

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2023-53855?

A vulnerability in the Linux kernel's DSA driver when utilizing the Ocelot tagging protocol can lead to improper handling during driver unbinding operations. This flaw manifests when the driver is removed while the protocol is active, potentially causing assertion failures and leaving the system in a compromised state. The bug is particularly difficult to detect as the Ocelot protocol is not the default setting, and many users might not test this unbinding path unless intentionally configured.

Affected Version(s)

Linux 7c83a7c539abe9f980996063ac20532a7a7f6eb1 < 758dbcfb257e1aee0a310bae789c2af6ffe35d0f

Linux 7c83a7c539abe9f980996063ac20532a7a7f6eb1 < 7ae8fa6b70975b6efbbef7912d09bff5a0bff491

Linux 7c83a7c539abe9f980996063ac20532a7a7f6eb1

References

https://git.kernel.org/stable/c/758dbcfb257e1aee0a310bae7...

https://git.kernel.org/stable/c/7ae8fa6b70975b6efbbef7912...

https://git.kernel.org/stable/c/a94c16a2fda010866b8858a38...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

JSON