#VU116280 Incorrect calculation in Linux kernel - CVE-2023-53502
Published: October 1, 2025 / Updated: October 27, 2025
Vulnerability identifier: #VU116280
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-53502
CWE-ID: CWE-682
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Software vendor:
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an incorrect calculation in the xenvif_get_requests() function in drivers/net/xen-netback/netback.c.
Remediation
Install the update from the vendor's repository.
External links
- https://git.kernel.org/stable/c/11e6919ae028b5de1fc48007354ea07069561b31
- https://git.kernel.org/stable/c/534fc31d09b706a16d83533e16b5dc855caf7576
- https://git.kernel.org/stable/c/b14a3924c2675c22e07a5a190223b6b6cdc2867d
- https://git.kernel.org/stable/c/bc7b9a6c2ca42b116b0f24dbaa52b5a07d96d1d6
- https://git.kernel.org/stable/c/cf482893f721f76ac60c0a43482a59b2f194156b
- https://git.kernel.org/stable/c/e1142d87c185c7d7bbf05d175754638b5b9dbf16
- https://git.kernel.org/stable/c/f9167a2d6b943f30743de6ff8163d1981c34f9a9
- https://git.kernel.org/stable/c/fa5b932b77c815d0e416612859d5899424bb4212
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.44