CVE-2023-53499

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53499
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53499.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53499
Downstream
Related
Published
2025-10-01T11:45:50.367Z
Modified
2026-03-20T12:33:11.624214Z
Summary
virtio_net: Fix error unwinding of XDP initialization
Details

In the Linux kernel, the following vulnerability has been resolved:

virtio_net: Fix error unwinding of XDP initialization

When initializing XDP in virtnet_open(), some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled NAPI, which is not the expected behavior. Need to roll back the previous rq initialization to avoid leaks in error unwinding of init code.

Also extract helper functions of disable and enable queue pairs. Use newly introduced disable helper function in error unwinding and virtnetclose. Use enable helper function in virtnetopen.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53499.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
754b8a21a96d5f11712245aef907149606b323ae
Fixed
6a7690f2bd178eee80f33411ae32e543ae66379c
Fixed
73f53bc295727a3cdbd9d6bcdfaa239258970cf4
Fixed
037768b28e3752c07d63d1c72a651a6775b080bb
Fixed
5306623a9826aa7d63b32c6a3803c798a765474d

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53499.json"