CVE-2023-53442NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changing devlink mode to switchdev mode, and check if switchdev is active when enabling ADQ.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.166.1.47+2
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linuxfbc7b27af0f9fb181811424e29caf6825594a8411c82d1b736ce85e77fd4da05eca6f1f4a52a2bc3+3
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2023-53442: In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are2025-09-18
GHSA
GHSA-4r9g-c2fj-783p: In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev ar2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: ice: Block switchdev mode when ADQ is active and vice versa2025-09-18
Debian
CVE-2023-53442: linux - In the Linux kernel, the following vulnerability has been resolved: ice: Block ...2023
CVE-2023-53442 — NULL Pointer Dereference in Linux | cvebase