{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-53782", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T23:58:35.272Z", "datePublished": "2025-12-09T00:00:37.741Z", "dateUpdated": "2025-12-09T00:00:37.741Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-09T00:00:37.741Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix out of bounds access in DCCP error handler\n\nThere was a previous attempt to fix an out-of-bounds access in the DCCP\nerror handlers, but that fix assumed that the error handlers only want\nto access the first 8 bytes of the DCCP header. Actually, they also look\nat the DCCP sequence number, which is stored beyond 8 bytes, so an\nexplicit pskb_may_pull() is required."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/dccp/ipv4.c", "net/dccp/ipv6.c"], "versions": [{"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "3533e10272555c422a7d51ebc0ce8c483429f7f2", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "177212bf6dc1ff2d13d0409cddc5c9e81feec63d", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "7a7dd70cb954d3efa706a429687ded88c02496fa", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "4b8a938e329ae4eb54b73b0c87b5170607b038a8", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "6ecf09699eb1554299aa1e7fd13e9e80f656c2f9", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "f8a7f10a1dccf9868ff09342a73dce27501b86df", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "d8171411a661253e6271fa10b65b46daf1b6471c", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "ec620c34f5fa5d055f9f6136a387755db6157712", "status": "affected", "versionType": "git"}, {"version": "6706a97fec963d6cb3f7fc2978ec1427b4651214", "lessThan": "977ad86c2a1bcaf58f01ab98df5cc145083c489c", "status": "affected", "versionType": "git"}, {"version": "96106a207ae972d8f9e4815e84c159f29e4bbee7", "status": "affected", "versionType": "git"}, {"version": "261def571d19d3b4e2228643c5c0ac89f5e10d15", "status": "affected", "versionType": "git"}, {"version": "dbf1719c65fb0368a94d15767c669e47e295a073", "status": "affected", "versionType": "git"}, {"version": "46b1ffd4738a3ee04b2e8f5a4b8cfc39e9c722a2", "status": "affected", "versionType": "git"}, {"version": "a2df29ed840f90e459a3f8ff029b216be3912731", "status": "affected", "versionType": "git"}, {"version": "ba93cf7d2118774c0b2dcfccc8ae999427815caa", "status": "affected", "versionType": "git"}, {"version": "4ca7e66fcce02459fa6961979f9fe30ae1098cf0", "status": "affected", "versionType": "git"}, {"version": "bd380617d5d161ea2bbe7a8073b3ca7bca0381e5", "status": "affected", "versionType": "git"}, {"version": "bfe7d1dee859cad6802f8e21a0a863f408114612", "status": "affected", "versionType": "git"}, {"version": "968953df833c61fce5adcc0612efeaced24e5719", "status": "affected", "versionType": "git"}, {"version": "99131760a8851e6e5b2c9b24d0a68a3068923a08", "status": "affected", "versionType": "git"}, {"version": "84d9c612bb7a9e44c6bf286bedfbe72a6d2d71d4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/dccp/ipv4.c", "net/dccp/ipv6.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.326", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.295", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.257", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.195", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.132", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.53", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.16", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.3", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.14.326"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.19.295"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.4.257"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.10.195"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.15.132"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.1.53"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.4.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.5.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2.87"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10.105"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.16.42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.4.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.8.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2.87"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10.105"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12.68"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.16.42"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.4.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.8.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3533e10272555c422a7d51ebc0ce8c483429f7f2"}, {"url": "https://git.kernel.org/stable/c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d"}, {"url": "https://git.kernel.org/stable/c/7a7dd70cb954d3efa706a429687ded88c02496fa"}, {"url": "https://git.kernel.org/stable/c/4b8a938e329ae4eb54b73b0c87b5170607b038a8"}, {"url": "https://git.kernel.org/stable/c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9"}, {"url": "https://git.kernel.org/stable/c/f8a7f10a1dccf9868ff09342a73dce27501b86df"}, {"url": "https://git.kernel.org/stable/c/d8171411a661253e6271fa10b65b46daf1b6471c"}, {"url": "https://git.kernel.org/stable/c/ec620c34f5fa5d055f9f6136a387755db6157712"}, {"url": "https://git.kernel.org/stable/c/977ad86c2a1bcaf58f01ab98df5cc145083c489c"}], "title": "dccp: Fix out of bounds access in DCCP error handler", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix out of bounds access in DCCP error handler\n\nThere was a previous attempt to fix an out-of-bounds access in the DCCP\nerror handlers, but that fix assumed that the error handlers only want\nto access the first 8 bytes of the DCCP header. Actually, they also look\nat the DCCP sequence number, which is stored beyond 8 bytes, so an\nexplicit pskb_may_pull() is required."}], "id": "CVE-2023-53782", "lastModified": "2025-12-09T18:37:13.640", "metrics": {}, "published": "2025-12-09T01:16:49.407", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3533e10272555c422a7d51ebc0ce8c483429f7f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4b8a938e329ae4eb54b73b0c87b5170607b038a8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7a7dd70cb954d3efa706a429687ded88c02496fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/977ad86c2a1bcaf58f01ab98df5cc145083c489c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d8171411a661253e6271fa10b65b46daf1b6471c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ec620c34f5fa5d055f9f6136a387755db6157712"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f8a7f10a1dccf9868ff09342a73dce27501b86df"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: dccp: Fix out of bounds access in DCCP error handler", "id": "2420260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420260"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndccp: Fix out of bounds access in DCCP error handler\nThere was a previous attempt to fix an out-of-bounds access in the DCCP\nerror handlers, but that fix assumed that the error handlers only want\nto access the first 8 bytes of the DCCP header. Actually, they also look\nat the DCCP sequence number, which is stored beyond 8 bytes, so an\nexplicit pskb_may_pull() is required."], "name": "CVE-2023-53782", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53782\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53782\nhttps://lore.kernel.org/linux-cve-announce/2025120939-CVE-2023-53782-6428@gregkh/T"], "threat_severity": "Moderate"}

{}