{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T02:36:34.241","vulnerabilities":[{"cve":{"id":"CVE-2023-53365","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-09-17T15:15:40.803","lastModified":"2026-01-14T19:16:33.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n  <TASK>\n  skb_push+0xc4/0xe0\n  ip6mr_cache_report+0xd69/0x19b0\n  reg_vif_xmit+0x406/0x690\n  dev_hard_start_xmit+0x17e/0x6e0\n  __dev_queue_xmit+0x2d6a/0x3d20\n  vlan_dev_hard_start_xmit+0x3ab/0x5c0\n  dev_hard_start_xmit+0x17e/0x6e0\n  __dev_queue_xmit+0x2d6a/0x3d20\n  neigh_connected_output+0x3ed/0x570\n  ip6_finish_output2+0x5b5/0x1950\n  ip6_finish_output+0x693/0x11c0\n  ip6_output+0x24b/0x880\n  NF_HOOK.constprop.0+0xfd/0x530\n  ndisc_send_skb+0x9db/0x1400\n  ndisc_send_rs+0x12a/0x6c0\n  addrconf_dad_completed+0x3c9/0xea0\n  addrconf_dad_work+0x849/0x1420\n  process_one_work+0xa22/0x16e0\n  worker_thread+0x679/0x10c0\n  ret_from_fork+0x28/0x60\n  ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n    ip6mr_cache_report()\n        skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb->data -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.26","versionEndExcluding":"4.14.322","matchCriteriaId":"3AE49B83-4BFC-45E2-B988-C67C1F2A3B47"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.291","matchCriteriaId":"D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.253","matchCriteriaId":"0707E9FF-8CDE-4AC1-98F3-5BB74EF88F8A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.190","matchCriteriaId":"B8DECE4F-2D62-4976-B338-963015198AC8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.126","matchCriteriaId":"C552AC9E-23B8-4D7D-AA26-57985BD93962"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.45","matchCriteriaId":"A0CA013D-55AF-4494-A931-AFC8EA64E875"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4.10","matchCriteriaId":"7BB0D94C-4FCE-46F4-A8D4-062D6A84627A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*","matchCriteriaId":"0B3E6E4D-E24E-4630-B00C-8C9901C597B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*","matchCriteriaId":"E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*","matchCriteriaId":"F5608371-157A-4318-8A2E-4104C3467EA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*","matchCriteriaId":"2226A776-DF8C-49E0-A030-0A7853BB018A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0438e60a00d4e335b3c36397dbf26c74b5d13ef0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1683124129a4263dd5bce2475bab110e95fa0346","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1bb54a21f4d9b88442f8c3307c780e2db64417e4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/30e0191b16e8a58e4620fa3e2839ddc7b9d4281c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3326c711f18d18fe6e1f5d83d3a7eab07e5a1560","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/691a09eecad97e745b9aa0e3918db46d020bdacb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8382e7ed2d63e6c2daf6881fa091526dc6c879cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a96d74d1076c82a4cef02c150d9996b21354c78d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}