Linux Kernel Network Device Vulnerability and Information Leak
CVE-2023-53863
What is CVE-2023-53863?
A vulnerability in the Linux kernel involves improper handling of network device addresses during netlink FDB dumps. The dump code relies on a hardcoded address length that does not accommodate devices whose addresses have a different length. When a device's address length deviates from the expected six bytes, uninitialized data can end up in memory during routine operations, producing an information leak that may expose sensitive data. System administrators should apply the relevant kernel updates promptly.
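The following user-space model is an added example of the bug class described above, not kernel code and not the upstream patch. The names `toy_dev`, `dump_addr_hardcoded`, `dump_addr_by_len` and `stale_bytes`, the 32-byte storage size and the 0xAA "stale memory" pattern are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define TOY_ETH_ALEN     6   /* the hardcoded six-byte assumption */
#define TOY_MAX_ADDR_LEN 32  /* constructed storage size for this model */

/* Hypothetical stand-in for a network device; not a kernel structure. */
struct toy_dev {
    unsigned char addr[TOY_MAX_ADDR_LEN];
    unsigned char addr_len;  /* real length of this device's address */
};

/* Model uncleared storage: fill with a stale pattern, then write only
 * the real address bytes over the front. */
static void toy_dev_init(struct toy_dev *d, const unsigned char *a, size_t len)
{
    if (len > sizeof(d->addr)) len = sizeof(d->addr);
    memset(d->addr, 0xAA, sizeof(d->addr));  /* stands for leftover memory */
    memcpy(d->addr, a, len);
    d->addr_len = (unsigned char)len;
}

/* Before: always emits six bytes, whatever the device's address length. */
static size_t dump_addr_hardcoded(const struct toy_dev *d, unsigned char *out)
{
    memcpy(out, d->addr, TOY_ETH_ALEN);
    return TOY_ETH_ALEN;
}

/* After: emits exactly the device's own address length. */
static size_t dump_addr_by_len(const struct toy_dev *d, unsigned char *out, size_t cap)
{
    if (d->addr_len > cap) return 0;         /* refuse rather than truncate */
    memcpy(out, d->addr, d->addr_len);
    return d->addr_len;
}

/* Emitted bytes that lie past the end of the device's real address. */
static size_t stale_bytes(const struct toy_dev *d, size_t emitted)
{
    return emitted > d->addr_len ? emitted - d->addr_len : 0;
}

int main(void)
{
    const unsigned char a[4] = {10, 0, 0, 1};  /* constructed 4-byte address */
    unsigned char out[TOY_MAX_ADDR_LEN]; struct toy_dev d;
    toy_dev_init(&d, a, sizeof(a));
    printf("hardcoded: %zu stale\n", stale_bytes(&d, dump_addr_hardcoded(&d, out)));
    printf("by length: %zu stale\n", stale_bytes(&d, dump_addr_by_len(&d, out, sizeof(out))));
    return 0;
}
```

With a four-byte address, the hardcoded form emits two bytes that were never part of the address, while the length-aware form emits none.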
Affected Version(s)
Linux d83b060360485454fcd6870340ec01d6f96f2295 < 61d1bf3c34bf5fe936c50d1a4bc460babcc85e88
Linux d83b060360485454fcd6870340ec01d6f96f2295