CVE-2023-53705

ipv6: Fix out-of-bounds access in ipv6_find_tlv()

In the Linux kernel, the following vulnerability has been resolved:

ipv6: Fix out-of-bounds access in ipv6_find_tlv()

optlen is fetched without checking whether there is more than one byte to parse.
It can lead to out-of-bounds access.

Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Vendor: Linux
Product: Linux
Default status: affected
Version 2.6.19: affected
Version 0, < 2.6.19: unaffected
Version 4.14.316, <= 4.14.*: unaffected
Version 4.19.284, <= 4.19.*: unaffected
Version 5.4.244, <= 5.4.*: unaffected
Version 5.10.181, <= 5.10.*: unaffected
Version 5.15.114, <= 5.15.*: unaffected
Version 6.1.31, <= 6.1.*: unaffected
Version 6.3.5, <= 6.3.*: unaffected
Version 6.4, <= *: unaffected
No advisory was found for this CVE.
EPSS metrics
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.121
CVSS metrics
Source Base Score Exploit Score Impact Score Vector String
No CWE information has been published yet.