Unrated severity · NVD Advisory · Published Oct 7, 2025 · Updated Jan 5, 2026

xfrm: Zero padding when dumping algos and encap

CVE-2023-53684

Description

In the Linux kernel, the following vulnerability has been resolved:

xfrm: Zero padding when dumping algos and encap

When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitive) data and should never be given directly to user-space.

This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed.
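The padding problem described above, as an added user-space illustration (not the kernel patch and not xfrm_user code): `struct encap_demo` and every function name here are hypothetical, and the 0xAA fill is a constructed stand-in for stale memory contents.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for a dumped template: three 16-bit fields followed
 * by a 32-bit-aligned member, leaving a 2-byte padding hole at offset 6. */
struct encap_demo {
    uint16_t type, sport, dport;
    uint32_t addr[4];
};
#define PAD_OFF (offsetof(struct encap_demo, dport) + sizeof(uint16_t))
#define PAD_LEN (offsetof(struct encap_demo, addr) - PAD_OFF)

typedef void (*dump_fn)(unsigned char *dst, const struct encap_demo *src);

/* Leaky dump: copies the whole object, padding included. */
void dump_leaky(unsigned char *dst, const struct encap_demo *src)
{
    memcpy(dst, src, sizeof(*src));
}

/* Hardened dump: zero the destination, then copy each field by offset, so
 * source padding never reaches the buffer handed to the reader. */
void dump_zeroed(unsigned char *dst, const struct encap_demo *src)
{
    memset(dst, 0, sizeof(*src));
    memcpy(dst + offsetof(struct encap_demo, type), &src->type, sizeof(src->type));
    memcpy(dst + offsetof(struct encap_demo, sport), &src->sport, sizeof(src->sport));
    memcpy(dst + offsetof(struct encap_demo, dport), &src->dport, sizeof(src->dport));
    memcpy(dst + offsetof(struct encap_demo, addr), src->addr, sizeof(src->addr));
}

/* Builds a constructed source object whose storage previously held 0xAA
 * ("stale" bytes), dumps it with fn, and counts non-zero padding bytes. */
size_t leaked_pad_bytes(dump_fn fn)
{
    union { struct encap_demo s; unsigned char raw[sizeof(struct encap_demo)]; } u;
    unsigned char out[sizeof(struct encap_demo)];
    const uint16_t port = 4500;   /* constructed sample value */
    size_t i, n = 0;

    memset(u.raw, 0xAA, sizeof(u.raw));   /* stale prior contents */
    memcpy(u.raw + offsetof(struct encap_demo, sport), &port, sizeof(port));
    memcpy(u.raw + offsetof(struct encap_demo, dport), &port, sizeof(port));
    fn(out, &u.s);
    for (i = 0; i < PAD_LEN; i++)
        n += out[PAD_OFF + i] != 0;
    return n;
}
```

`leaked_pad_bytes(dump_leaky)` reports the padding bytes that carried stale data into the output; `leaked_pad_bytes(dump_zeroed)` reports none.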

Affected products

2
  • Linux/Kernel · llm-fuzzy · 2 versions
    • (no CPE)
    • (no CPE), range: 5.11
