{"id":"CVE-2023-53516","summary":"macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF\n\nThe previous commit 954d1fa1ac93 (\"macvlan: Add netlink attribute for\nbroadcast cutoff\") added one additional attribute named\nIFLA_MACVLAN_BC_CUTOFF to allow broadcast cutfoff.\n\nHowever, it forgot to describe the nla_policy at macvlan_policy\n(drivers/net/macvlan.c). Hence, this suppose NLA_S32 (4 bytes) integer\ncan be faked as empty (0 bytes) by a malicious user, which could leads\nto OOB in heap just like CVE-2023-3773.\n\nTo fix it, this commit just completes the nla_policy description for\nIFLA_MACVLAN_BC_CUTOFF. This enforces the length check and avoids the\npotential OOB read.","modified":"2026-04-02T09:44:21.603445Z","published":"2025-10-01T11:46:03.878Z","related":["SUSE-SU-2025:03600-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20851-1","SUSE-SU-2025:20861-1","SUSE-SU-2025:20870-1","SUSE-SU-2025:20898-1","SUSE-SU-2025:3751-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4141-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53516.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/55cef78c244d0d076f5a75a35530ca63c92f4426"},{"type":"WEB","url":"https://git.kernel.org/stable/c/79f44709aa7a744fbfbadd4aef678443290c6991"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53516.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53516"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348"},{"fixed":"79f44709aa7a744fbfbadd4aef678443290c6991"},{"fixed":"55cef78c244d0d076f5a75a35530ca63c92f4426"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53516.json"}}],"schema_version":"1.7.5"}