CVE-2023-53535 [Medium] | Security Vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid invoking skb_over_panic() and move on to processing the next packet.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-10-05	—	0.02%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-10-05

—

0.02%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.5	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.8	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.5

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.8

3.6

[email protected]

OS Trackers for CVE-2023-53535

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2023-53535 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2023-53535
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2023-53535
`suse`	medium	CVE-2023-53535 severity moderate: SUSE including 25 source package names (cluster-md-kmp-default, dlm-kmp-default, …), 130 product×package rows across 27 product lines (SUSE Linux Enterprise High Availability Extension 15 SP7, SUSE Linux Enterprise Live Patching 12 SP5, … (27 product lines)): Known Not Affected 130.	https://www.suse.com/security/cve/CVE-2023-53535/
`ubuntu`	medium	CVE-2023-53535 medium priority: Ubuntu including 158 source packages (linux, linux-allwinner-5.19, …), 1414 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1017, ignored 162, released 135, not-affected 79, needed 20, needs-triage 1.	https://ubuntu.com/security/CVE-2023-53535

Affected software / configurations for CVE-2023-53535

Vendor	Product	Version	Raw CPE
linux	linux_kernel	>= 3.15, < 4.14.308	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 4.15, < 4.19.276	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 4.20, < 5.4.235	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.5, < 5.10.173	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.11, < 5.15.99	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.16, < 6.1.16	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 6.2, < 6.2.3	cpe:2.3:o:linux:linux_kernel::::::::

References for CVE-2023-53535

URL	Tags
https://git.kernel.org/stable/c/124ca24e0de958d2e20e0aa1e2434af7b72f8887	Patch
https://git.kernel.org/stable/c/411317d2a4a7d6049d8efeef0d32ae43f8baefce	Patch
https://git.kernel.org/stable/c/5c0862c2c962052ed5055220a00ac1cefb92fbcd	Patch
https://git.kernel.org/stable/c/5f56767fb5f2df875b6553e08dbec6a45431c988	Patch
https://git.kernel.org/stable/c/7cdb07e10c1258c08f31b24898930e4ece88d163	Patch
https://git.kernel.org/stable/c/841881320562cbeac7046b537b91cd000480cea2	Patch
https://git.kernel.org/stable/c/87363d1ab55e497702a9506ff423c422639c8a25	Patch
https://git.kernel.org/stable/c/c34b1c0870323649d45c5074828d7f754dea2673	Patch

URL

CVE-2023-53535 | net: bcmgenet: Add a check for oversized packets

Exploit prediction scoring system (EPSS) score for CVE-2023-53535

Common vulnerability scoring system (CVSS) metrics for CVE-2023-53535

Weakness enumeration for CVE-2023-53535

OS Trackers for CVE-2023-53535

Affected software / configurations for CVE-2023-53535

References for CVE-2023-53535