VYPR
High severity7.8NVD Advisory· Published Oct 4, 2025· Updated Jun 1, 2026

CVE-2023-53543

CVE-2023-53543

Description

In the Linux kernel, the following vulnerability has been resolved:

vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check

The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr pointer in info->attrs before entering into each handler in vdpa_nl_ops.

That is to say, the missing part in vdpa_nl_policy may lead to illegal nlattr after parsing, which could lead to OOB read just like CVE-2023-3773.

This patch adds the missing nla_policy for vdpa max vqp attr to avoid such bugs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

83

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.