CVE-2023-53600

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53600
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53600.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53600
Downstream
Related
Published
2025-10-04T15:44:11.775Z
Modified
2026-03-20T12:25:29.075003Z
Summary
tunnels: fix kasan splat when generating ipv4 pmtu error
Details

In the Linux kernel, the following vulnerability has been resolved:

tunnels: fix kasan splat when generating ipv4 pmtu error

If we try to emit an icmp error in response to a nonliner skb, we get

BUG: KASAN: slab-out-of-bounds in ipcomputecsum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by task iperf3/1691 CPU: 2 PID: 1691 Comm: iperf3 Not tainted 6.5.0-rc3+ #309 [..] kasanreport+0x105/0x140 ipcomputecsum+0x134/0x220 iptunnelpmtudbuildicmp+0x554/0x1020 skbtunnelcheckpmtu+0x513/0xb80 vxlanxmitone+0x139e/0x2ef0 vxlanxmit+0x1867/0x2760 devhardstartxmit+0x1ee/0x4f0 brdevqueuepush_xmit+0x4d1/0x660 [..]

ipcomputecsum() cannot deal with nonlinear skbs, so avoid it. After this change, splat is gone and iperf3 is no longer stuck.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53600.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4cb47a8644cc9eb8ec81190a50e79e6530d0297f
Fixed
5850c391fd7e25662334cb3cbf29a62bcbff1084
Fixed
e95808121953410db8c59f0abfde70ac0d34222c
Fixed
da5f42a6e7485fbb7a6dbd6a2b3045e19e4df5cc
Fixed
fe6a9f7516735be9fdabab00e47ef7a3403a174d
Fixed
6a7ac3d20593865209dceb554d8b3f094c6bd940

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53600.json"