CVE-2023-54265Use of Uninitialized Variable in Linux

CWE-457Use of Uninitialized Variable7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in __ip6_make_skb() Syzbot reported a bug as following: BUG: KMSAN: uninit-value in arch_atomic64_inc arch/x86/include/asm/atomic64_64.h:88 [inline] BUG: KMSAN: uninit-value in arch_atomic_long_inc include/linux/atomic/atomic-long.h:161 [inline] BUG: KMSAN: uninit-value in atomic_long_inc include/linux/atomic/atomic-instrumented.h:1429 [inline] BUG: KMSAN: uninit-value in __ip6_make_skb

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.244.14.313+6
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux14878f75abd5bf1d38becb405801cd491ee215dc165370522cc48127da564a08584a7391e6341908+8
debiandebian/linux< linux 6.1.25-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54265: In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in __ip6_make_skb() Syzbot reported a bug2025-12-30
GHSA
GHSA-wm5w-7h48-37x2: In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in __ip6_make_skb() Syzbot reported a bu2025-12-30
OSV
ipv6: Fix an uninit variable access bug in __ip6_make_skb()2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: ipv6: Fix an uninit variable access bug in __ip6_make_skb()2025-12-30
Debian
CVE-2023-54265: linux - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54265 Impact, Exploitability, and Mitigation Steps | Wiz