Vulnerability in Linux

CVE-2023-53863

In the Linux kernel, the following vulnerability has been resolved:

netlink: do not hard code device address length in fdb dumps

syzbot reports that some netdev devices do not have a six bytes address [1]

Replace ETH_ALEN by dev->addr_le…

EPSS: 0.002 (12.7th percentile)

Affected products

  • Linux — versions d83b060360485454fcd6870340ec01d6f96f2295, 3.5, 0

References