DEBIAN-CVE-2023-53365

Source
https://security-tracker.debian.org/tracker/DEBIAN-CVE-2023-53365
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53365.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53365
Upstream
  • CVE-2023-53365
Published
2025-09-17T15:15:40Z
Modified
2025-09-19T07:33:42.598829Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ip6mr: Fix skb_under_panic in ip6mr_cache_report()

    skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4
     head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg
     ------------[ cut here ]------------
     kernel BUG at net/core/skbuff.c:192!
     invalid opcode: 0000 [#1] PREEMPT SMP KASAN
     CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236
     Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
     Workqueue: ipv6_addrconf addrconf_dad_work
     RIP: 0010:skb_panic+0x152/0x1d0
     Call Trace:
      <TASK>
      skb_push+0xc4/0xe0
      ip6mr_cache_report+0xd69/0x19b0
      reg_vif_xmit+0x406/0x690
      dev_hard_start_xmit+0x17e/0x6e0
      __dev_queue_xmit+0x2d6a/0x3d20
      vlan_dev_hard_start_xmit+0x3ab/0x5c0
      dev_hard_start_xmit+0x17e/0x6e0
      __dev_queue_xmit+0x2d6a/0x3d20
      neigh_connected_output+0x3ed/0x570
      ip6_finish_output2+0x5b5/0x1950
      ip6_finish_output+0x693/0x11c0
      ip6_output+0x24b/0x880
      NF_HOOK.constprop.0+0xfd/0x530
      ndisc_send_skb+0x9db/0x1400
      ndisc_send_rs+0x12a/0x6c0
      addrconf_dad_completed+0x3c9/0xea0
      addrconf_dad_work+0x849/0x1420
      process_one_work+0xa22/0x16e0
      worker_thread+0x679/0x10c0
      ret_from_fork+0x28/0x60
      ret_from_fork_asm+0x11/0x20

When setting up a vlan device on dev pim6reg, a DAD NS packet may be sent on reg_vif_xmit().

    reg_vif_xmit()
        ip6mr_cache_report()
            skb_push(skb, -skb_network_offset(pkt)); // skb_network_offset(pkt) is 4

And skb_push is declared as:

    void *skb_push(struct sk_buff *skb, unsigned int len);
        skb->data -= len;
        // 0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850

skb->data is set to 0xffff887f5f86a850, which is an invalid memory address, causing skb_push() to fail.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.10.191-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1
5.10.178-1
5.10.178-2
5.10.178-3
5.10.179-1
5.10.179-2
5.10.179-3
5.10.179-4
5.10.179-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.52-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}