CVE-2023-53499Incomplete Cleanup in Linux

CWE-459Incomplete Cleanup5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 1

Description

In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in virtnet_open(), some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled NAPI, which is not the expected behavior. Need to roll back the previous rq initialization to avoid leaks in error unwinding of init code. Also extract helper functions of disable and enable queu

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.165.15.113+3
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux754b8a21a96d5f11712245aef907149606b323ae6a7690f2bd178eee80f33411ae32e543ae66379c+4
debiandebian/linux< linux 6.1.37-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2023-53499: In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in vir2025-10-01
GHSA
GHSA-vqh8-wgc6-cwjc: In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in v2025-10-01

📋Vendor Advisories

2
Red Hat
kernel: virtio_net: Fix error unwinding of XDP initialization2025-10-01
Debian
CVE-2023-53499: linux - In the Linux kernel, the following vulnerability has been resolved: virtio_net:...2023