CVE-2023-53499

Severity: MEDIUM · CVSS 3.1: 5.5 · EPSS 4.3%
Published Oct 1, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

virtio_net: Fix error unwinding of XDP initialization

When initializing XDP in virtnet_open(), some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled NAPI, which is not the expected behavior. Need to roll back the previous rq initialization to avoid leaks in error unwinding of init code.

Also extract helper functions of disable and enable queue pairs. Use newly introduced disable helper function in error unwinding and virtnet_close. Use enable helper function in virtnet_open.
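
The unwinding problem described above, as an added example that is not the kernel patch: a userspace C model in which every name (qp_enable, qp_disable, open_buggy, open_fixed, fail_at) is hypothetical and the failure on queue pair 2 is constructed. It contrasts an open routine that returns on the first error with one that disables the pairs it had already enabled.

```c
/* Userspace model only: all names are hypothetical, not kernel symbols. */
#include <stdio.h>

#define NUM_QP 4
struct qp { int xdp_registered, napi_enabled; };
/* fail_at: constructed fault, index of the pair whose XDP setup fails (-1 = none) */
struct dev { struct qp q[NUM_QP]; int fail_at; };

/* Enable helper: XDP setup, then NAPI. Leaves the pair untouched on failure. */
static int qp_enable(struct dev *d, int i)
{
    if (i == d->fail_at)
        return -1;                      /* simulated XDP registration error */
    d->q[i].xdp_registered = 1;
    d->q[i].napi_enabled = 1;
    return 0;
}
/* Disable helper, shared by the error path and the close path. */
static void qp_disable(struct dev *d, int i)
{
    d->q[i].napi_enabled = 0;
    d->q[i].xdp_registered = 0;
}
/* Before: reports the error but leaves pairs 0..i-1 initialized. */
static int open_buggy(struct dev *d)
{
    for (int i = 0; i < NUM_QP; i++)
        if (qp_enable(d, i))
            return -1;
    return 0;
}
/* After: roll back every pair enabled before the failure, newest first. */
static int open_fixed(struct dev *d)
{
    int i;
    for (i = 0; i < NUM_QP; i++)
        if (qp_enable(d, i))
            goto unwind;
    return 0;
unwind:
    while (--i >= 0)
        qp_disable(d, i);
    return -1;
}
/* Number of pairs still holding XDP or NAPI state. */
static int live_pairs(const struct dev *d)
{
    int n = 0;
    for (int i = 0; i < NUM_QP; i++)
        n += d->q[i].xdp_registered || d->q[i].napi_enabled;
    return n;
}
int main(void)
{
    struct dev a = { .fail_at = 2 }, b = { .fail_at = 2 };
    open_buggy(&a);
    open_fixed(&b);
    printf("buggy: %d live, fixed: %d live\n", live_pairs(&a), live_pairs(&b));
    return 0;
}
```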

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 4.3% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 5

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.16 – <5.15.113
linux   linux_kernel  *        ≥5.16 – <6.1.30
linux   linux_kernel  *        ≥6.2 – <6.3.4
linux   linux_kernel  6.4      any
linux   linux_kernel  6.4      any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/037768b28e3752c07d63d1c72a651a6775b080bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5306623a9826aa7d63b32c6a3803c798a765474d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6a7690f2bd178eee80f33411ae32e543ae66379c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73f53bc295727a3cdbd9d6bcdfaa239258970cf4
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/037768b28e3752c07d63d1c72a651a6775b080bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5306623a9826aa7d63b32c6a3803c798a765474d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6a7690f2bd178eee80f33411ae32e543ae66379c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73f53bc295727a3cdbd9d6bcdfaa239258970cf4
    Patch