CVE-2023-53705
ipv6: Fix out-of-bounds access in ipv6_find_tlv()
Description
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.
INFO
Published Date :
Oct. 22, 2025, 2:15 p.m.
Last Modified :
Oct. 22, 2025, 9:12 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to the latest version.
- Verify the patch is applied to the system.
- Reboot the system after applying updates.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-53705.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-53705 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-53705
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53705 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-53705 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Oct. 22, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE. Added Reference https://git.kernel.org/stable/c/011f47c8b8389154f996f5f69da8efc3a3beefef Added Reference https://git.kernel.org/stable/c/04bf69e3de435d793a203aacc4b774f8f9f2baeb Added Reference https://git.kernel.org/stable/c/59e656d0d4a84ea0ee9a39c6f69160a3effccc94 Added Reference https://git.kernel.org/stable/c/878ecb0897f4737a4c9401f3523fd49589025671 Added Reference https://git.kernel.org/stable/c/91dd8aab9c9f193210681b86b6b92840ffe74f0c Added Reference https://git.kernel.org/stable/c/9b92e2d0eb696d7586ba832c8854653b59887da0 Added Reference https://git.kernel.org/stable/c/ae68c0f7edbc9a294094ce03a0aaf45aa489ce40 Added Reference https://git.kernel.org/stable/c/e5f82688ae10f5f386952e65e941bb8868ee54dc