CVE-2023-54031
Description
In the Linux kernel, the following vulnerability has been resolved:
vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check
The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr pointer in info->attrs before entering into each handler in vdpa_nl_ops.
That is to say, the missing part in vdpa_nl_policy may lead to an illegal nlattr after parsing, which could lead to an OOB read just like CVE-2023-3773.
This patch adds the missing nla_policy for vdpa queue index attr to avoid such bugs.
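The effect of a missing policy entry, shown as an added example: this is a simplified userspace model of policy-driven attribute validation, not the kernel's parser or the patch itself. The attribute ids, type names and helper functions are hypothetical, and the queue index is assumed to be a 32-bit value.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simplified userspace model of policy-driven attribute validation; not kernel code. */
enum { T_UNSPEC = 0, T_U32 = 1 };              /* model policy types */
enum { ATTR_QUEUE_INDEX = 2, ATTR_MAX = 2 };   /* hypothetical attribute ids */
struct attr_hdr { uint16_t len, type; };       /* payload follows the header */
struct parsed   { const uint8_t *data; uint16_t len; };
#define HDRLEN sizeof(struct attr_hdr)
static const uint8_t policy_before[ATTR_MAX + 1] = { T_UNSPEC };   /* no entry for the index */
static const uint8_t policy_after[ATTR_MAX + 1]  = { [ATTR_QUEUE_INDEX] = T_U32 };

/* Fill tb[] from the message; -1 if framing is bad or an attribute fails its policy. */
static int model_parse(const uint8_t *buf, size_t buflen, const uint8_t *pol, struct parsed *tb)
{
    size_t off = 0;
    memset(tb, 0, sizeof(*tb) * (ATTR_MAX + 1));
    while (off + HDRLEN <= buflen) {
        struct attr_hdr h;
        memcpy(&h, buf + off, HDRLEN);
        if (h.len < HDRLEN || h.len > buflen - off) return -1;
        uint16_t plen = (uint16_t)(h.len - HDRLEN);
        if (h.type >= 1 && h.type <= ATTR_MAX) {
            /* The length check runs only where the policy names a type. */
            if (pol[h.type] == T_U32 && plen != sizeof(uint32_t)) return -1;
            tb[h.type] = (struct parsed){ buf + off + HDRLEN, plen };
        }
        off += (h.len + 3u) & ~3u;             /* attributes are 4-byte aligned */
    }
    return 0;
}

/* Parse one constructed queue-index attribute carrying payload_len (0..4) bytes. Returns -1
 * if rejected, else how many bytes a fixed 4-byte read would take from beyond the payload. */
static int check(const uint8_t *pol, uint16_t payload_len)
{
    uint8_t msg[8] = { 0 };
    struct attr_hdr h = { (uint16_t)(HDRLEN + payload_len), ATTR_QUEUE_INDEX };
    struct parsed tb[ATTR_MAX + 1];
    memcpy(msg, &h, HDRLEN);
    if (payload_len > 4 || model_parse(msg, HDRLEN + payload_len, pol, tb) < 0) return -1;
    return 4 - tb[ATTR_QUEUE_INDEX].len;
}

int main(void)
{
    printf("1-byte payload: before=%d after=%d\n", check(policy_before, 1), check(policy_after, 1));
    return 0;
}
```

With the entry missing, the short attribute reaches the handler and a 4-byte read would cover 3 bytes that are not part of it; with the entry present, the message is rejected during parsing.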
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Linux kernel vdpa missing nlattr policy for queue index could lead to OOB read; fixed by adding nla_policy.
Vulnerability
In the Linux kernel's vdpa subsystem, the vdpa_nl_policy structure lacked an entry for the queue index attribute. This missing policy meant that the attribute was not properly validated during netlink message parsing, potentially allowing an out-of-bounds (OOB) read similar to CVE-2023-3773 [1].
Exploitation
An attacker could send a specially crafted netlink message to the vdpa interface. The missing nla_policy would cause the kernel to process an invalid nlattr pointer, leading to an OOB read. The attack requires access to the vdpa netlink interface, which typically requires privileges but may be exposed in certain configurations.
Impact
A successful OOB read could leak sensitive kernel memory, potentially exposing confidential data or aiding in further exploitation. The vulnerability does not provide write access, but information disclosure can be a stepping stone for more severe attacks.
Mitigation
The fix adds the appropriate nla_policy for the queue index attribute to vdpa_nl_policy, ensuring proper length checks are performed. The patch has been merged into the Linux kernel stable tree [1]. Users should update to a kernel version containing this commit.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 3
8ad9bc25cbdc, ccb533b7070a, b3003e1b54e0
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References: 3
News mentions: 0
No linked articles in our index yet.