[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-53354":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":66,"related":67,"reserved_at":9,"published_at":78,"modified_at":79,"state":80,"summary":81,"references_raw":90,"kevs":125,"epss":126,"epss_history":129,"metrics":398,"affected":406},"CVE-2023-53354","In the Linux kernel, the following vulnerability has been resolved:\n\nskbuff: skb_segment, Call zero copy functions before using skbuff frags\n\nCommit bf5c25d60861 (\"skbuff: in skb_segment, call zerocopy functions\nonce per nskb\") added the call to zero copy functions in skb_segment().\nThe change introduced a bug in skb_segment() because skb_orphan_frags()\nmay possibly change the number of fragments or allocate new fragments\naltogether leaving nrfrags and frag to point to the old values. This can\ncause a panic with stacktrace like the one below.\n\n[  193.894380] BUG: kernel NULL pointer dereference, address: 00000000000000bc\n[  193.895273] CPU: 13 PID: 18164 Comm: vh-net-17428 Kdump: loaded Tainted: G           O      5.15.123+ #26\n[  193.903919] RIP: 0010:skb_segment+0xb0e/0x12f0\n[  194.021892] Call Trace:\n[  194.027422]  \u003CTASK>\n[  194.072861]  tcp_gso_segment+0x107/0x540\n[  194.082031]  inet_gso_segment+0x15c/0x3d0\n[  194.090783]  skb_mac_gso_segment+0x9f/0x110\n[  194.095016]  __skb_gso_segment+0xc1/0x190\n[  194.103131]  netem_enqueue+0x290/0xb10 [sch_netem]\n[  194.107071]  dev_qdisc_enqueue+0x16/0x70\n[  194.110884]  __dev_queue_xmit+0x63b/0xb30\n[  194.121670]  bond_start_xmit+0x159/0x380 [bonding]\n[  194.128506]  dev_hard_start_xmit+0xc3/0x1e0\n[  194.131787]  __dev_queue_xmit+0x8a0/0xb30\n[  194.138225]  macvlan_start_xmit+0x4f/0x100 [macvlan]\n[  194.141477]  dev_hard_start_xmit+0xc3/0x1e0\n[  194.144622]  sch_direct_xmit+0xe3/0x280\n[  194.147748]  __dev_queue_xmit+0x54a/0xb30\n[  194.154131]  tap_get_user+0x2a8/0x9c0 [tap]\n[  194.157358]  tap_sendmsg+0x52/0x8e0 [tap]\n[  194.167049]  handle_tx_zerocopy+0x14e/0x4c0 [vhost_net]\n[  194.173631]  handle_tx+0xcd/0xe0 [vhost_net]\n[  194.176959]  vhost_worker+0x76/0xb0 [vhost]\n[  194.183667]  kthread+0x118/0x140\n[  194.190358]  ret_from_fork+0x1f/0x30\n[  194.193670]  \u003C/TASK>\n\nIn this case calling skb_orphan_frags() updated nr_frags leaving nrfrags\nlocal variable in skb_segment() stale. This resulted in the code hitting\ni >= nrfrags prematurely and trying to move to next frag_skb using\nlist_skb pointer, which was NULL, and caused kernel panic. Move the call\nto zero copy functions before using frags and nr_frags.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-476","NULL Pointer Dereference","The product dereferences a pointer that it expects to be valid but is NULL.","weakness","Stable","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64],{"_key":25},"SUSE-SU-2025:4057-1",{"_key":27},"SUSE-SU-2025:4132-1",{"_key":29},"SUSE-SU-2025:3751-1",{"_key":31},"SUSE-SU-2025:20851-1",{"_key":33},"SUSE-SU-2025:20861-1",{"_key":35},"SUSE-SU-2025:20870-1",{"_key":37},"SUSE-SU-2025:20898-1",{"_key":39},"SUSE-SU-2025:4141-1",{"_key":41},"SUSE-SU-2025:03600-1",{"_key":43},"SUSE-SU-2025:03634-1",{"_key":45},"DEBIAN-CVE-2023-53354",{"_key":47},"RHSA-2024:8157",{"_key":49},"RHSA-2025:21091",{"_key":51},"RHSA-2025:21136",{"_key":53},"RHSA-2025:22006",{"_key":55},"RHSA-2025:22072",{"_key":57},"RHSA-2025:22752",{"_key":59},"RHSA-2025:23445",{"_key":61},"UBUNTU-CVE-2023-53354",{"_key":63},"RHSA-2024:2394",{"_key":65},"RHSA-2024:3138",[],[68,69,70,71,72,73,74,75,76,77],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},"2025-09-17T14:56:44.388Z","2026-05-11T19:43:19.521Z","Modified",{"cisa_kev":82,"cisa_ransomware":82,"cisa_vendor":9,"epss_severity":83,"epss_score":84,"severity":85,"severity_score":86,"severity_version":87,"severity_source":88,"severity_vector":89,"severity_status":80},false,"low",0.00021,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[91,97,101,105,109,113,117,121],{"url":92,"sources":93,"tags":95},"https://git.kernel.org/stable/c/fcab3f661dbfd88e27ddbbe65368f3fa2d823175",[88,94],"nvd",[96],"Patch",{"url":98,"sources":99,"tags":100},"https://git.kernel.org/stable/c/d44403ec0676317b7f7edf2a035bb219fee3304e",[88,94],[96],{"url":102,"sources":103,"tags":104},"https://git.kernel.org/stable/c/8836c266201c29a5acb4f582227686f47b65ad61",[88,94],[96],{"url":106,"sources":107,"tags":108},"https://git.kernel.org/stable/c/d5790386595d06ea9decfd9ba5f1ea48cf09aa02",[88,94],[96],{"url":110,"sources":111,"tags":112},"https://git.kernel.org/stable/c/04c3eee4e13f60bf6f9a366ad39f88a01a57166e",[88,94],[96],{"url":114,"sources":115,"tags":116},"https://git.kernel.org/stable/c/f99006e840a4dbc8f5a34cecc6b5b26c73ef49bb",[88,94],[96],{"url":118,"sources":119,"tags":120},"https://git.kernel.org/stable/c/6c26ed3c6abe86ddab0510529000b970b05c9b40",[88,94],[96],{"url":122,"sources":123,"tags":124},"https://git.kernel.org/stable/c/2ea35288c83b3d501a88bc17f2df8f176b5cc96f",[88,94],[96],[],{"date":127,"score":84,"percentile":128},"2026-06-03",0.06131,[130,134,137,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188,190,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,296,298,301,304,307,310,313,316,319,322,325,328,331,334,337,340,343,346,348,351,355,358,361,364,367,370,373,376,379,382,384,387,390,392,395],{"date":131,"score":132,"percentile":133},"2025-11-04",0.00035,0.09398,{"date":135,"score":132,"percentile":136},"2025-11-05",0.09417,{"date":138,"score":132,"percentile":139},"2025-11-06",0.09538,{"date":141,"score":132,"percentile":142},"2025-11-07",0.0956,{"date":144,"score":132,"percentile":145},"2025-11-08",0.09573,{"date":147,"score":132,"percentile":148},"2025-11-09",0.09543,{"date":150,"score":132,"percentile":151},"2025-11-10",0.09501,{"date":153,"score":132,"percentile":154},"2025-11-11",0.09518,{"date":156,"score":132,"percentile":157},"2025-11-12",0.09548,{"date":159,"score":132,"percentile":160},"2025-11-13",0.0959,{"date":162,"score":132,"percentile":163},"2025-11-14",0.09613,{"date":165,"score":132,"percentile":166},"2025-11-15",0.09627,{"date":168,"score":132,"percentile":169},"2025-11-16",0.09632,{"date":171,"score":132,"percentile":172},"2025-11-17",0.09624,{"date":174,"score":132,"percentile":175},"2025-11-18",0.05816,{"date":177,"score":132,"percentile":178},"2025-11-19",0.05834,{"date":180,"score":132,"percentile":181},"2025-11-20",0.0587,{"date":183,"score":132,"percentile":184},"2025-11-21",0.0968,{"date":186,"score":132,"percentile":187},"2025-11-22",0.09656,{"date":189,"score":132,"percentile":166},"2025-11-23",{"date":191,"score":192,"percentile":193},"2025-11-24",0.00036,0.10302,{"date":195,"score":192,"percentile":196},"2025-11-25",0.10304,{"date":198,"score":192,"percentile":199},"2025-11-26",0.10298,{"date":201,"score":192,"percentile":202},"2025-11-27",0.10301,{"date":204,"score":192,"percentile":205},"2025-11-28",0.10292,{"date":207,"score":192,"percentile":208},"2025-11-29",0.10288,{"date":210,"score":192,"percentile":211},"2025-11-30",0.10299,{"date":213,"score":192,"percentile":214},"2025-12-01",0.10338,{"date":216,"score":192,"percentile":217},"2025-12-02",0.10346,{"date":219,"score":192,"percentile":220},"2025-12-03",0.1036,{"date":222,"score":192,"percentile":223},"2025-12-04",0.10347,{"date":225,"score":192,"percentile":226},"2025-12-05",0.10376,{"date":228,"score":192,"percentile":229},"2025-12-06",0.10388,{"date":231,"score":192,"percentile":232},"2025-12-07",0.10384,{"date":234,"score":192,"percentile":235},"2025-12-08",0.10383,{"date":237,"score":192,"percentile":238},"2025-12-09",0.10432,{"date":240,"score":192,"percentile":241},"2025-12-10",0.10503,{"date":243,"score":192,"percentile":244},"2025-12-11",0.10533,{"date":246,"score":247,"percentile":248},"2025-12-12",0.00018,0.03599,{"date":250,"score":247,"percentile":251},"2025-12-13",0.03603,{"date":253,"score":247,"percentile":254},"2025-12-14",0.03602,{"date":256,"score":247,"percentile":257},"2025-12-15",0.03587,{"date":259,"score":247,"percentile":260},"2025-12-16",0.03605,{"date":262,"score":247,"percentile":263},"2025-12-17",0.03628,{"date":265,"score":247,"percentile":266},"2025-12-18",0.03645,{"date":268,"score":247,"percentile":269},"2025-12-19",0.03629,{"date":271,"score":247,"percentile":272},"2025-12-20",0.03626,{"date":274,"score":247,"percentile":275},"2025-12-21",0.03646,{"date":277,"score":247,"percentile":278},"2025-12-22",0.03625,{"date":280,"score":247,"percentile":281},"2025-12-23",0.03636,{"date":283,"score":247,"percentile":284},"2025-12-24",0.03631,{"date":286,"score":247,"percentile":287},"2025-12-25",0.03644,{"date":289,"score":247,"percentile":290},"2025-12-26",0.0364,{"date":292,"score":247,"percentile":293},"2025-12-27",0.03661,{"date":295,"score":247,"percentile":290},"2025-12-28",{"date":297,"score":247,"percentile":269},"2025-12-29",{"date":299,"score":247,"percentile":300},"2025-12-30",0.03612,{"date":302,"score":247,"percentile":303},"2025-12-31",0.03607,{"date":305,"score":247,"percentile":306},"2026-01-01",0.03694,{"date":308,"score":247,"percentile":309},"2026-01-02",0.03686,{"date":311,"score":247,"percentile":312},"2026-01-03",0.03679,{"date":314,"score":247,"percentile":315},"2026-01-04",0.03568,{"date":317,"score":247,"percentile":318},"2026-01-05",0.03554,{"date":320,"score":247,"percentile":321},"2026-01-06",0.03545,{"date":323,"score":247,"percentile":324},"2026-01-07",0.03569,{"date":326,"score":247,"percentile":327},"2026-01-08",0.03594,{"date":329,"score":247,"percentile":330},"2026-01-09",0.03611,{"date":332,"score":247,"percentile":333},"2026-01-10",0.03616,{"date":335,"score":247,"percentile":336},"2026-01-11",0.03598,{"date":338,"score":247,"percentile":339},"2026-01-12",0.036,{"date":341,"score":247,"percentile":342},"2026-01-13",0.03595,{"date":344,"score":247,"percentile":345},"2026-01-14",0.03606,{"date":347,"score":247,"percentile":321},"2026-01-15",{"date":349,"score":247,"percentile":350},"2026-01-16",0.03524,{"date":352,"score":353,"percentile":354},"2026-01-17",0.00023,0.05382,{"date":356,"score":353,"percentile":357},"2026-01-18",0.05373,{"date":359,"score":353,"percentile":360},"2026-01-19",0.05331,{"date":362,"score":353,"percentile":363},"2026-01-20",0.05288,{"date":365,"score":353,"percentile":366},"2026-01-21",0.05286,{"date":368,"score":353,"percentile":369},"2026-01-22",0.05267,{"date":371,"score":353,"percentile":372},"2026-01-23",0.05324,{"date":374,"score":353,"percentile":375},"2026-01-24",0.05367,{"date":377,"score":353,"percentile":378},"2026-01-25",0.05314,{"date":380,"score":353,"percentile":381},"2026-01-26",0.05289,{"date":383,"score":353,"percentile":369},"2026-01-27",{"date":385,"score":353,"percentile":386},"2026-01-28",0.05252,{"date":388,"score":353,"percentile":389},"2026-01-29",0.05264,{"date":391,"score":353,"percentile":369},"2026-01-30",{"date":393,"score":353,"percentile":394},"2026-01-31",0.05259,{"date":396,"score":353,"percentile":397},"2026-02-01",0.05341,[399,404],{"source":88,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":400,"cvss_v4_0":9},{"baseScore":86,"baseSeverity":401,"vectorString":89,"impactScore":402,"exploitabilityScore":403},"MEDIUM",6,4.6,{"source":94,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":405,"cvss_v4_0":9},{"baseScore":86,"baseSeverity":401,"vectorString":89,"impactScore":402,"exploitabilityScore":403},[407,442],{"ecosystem":9,"name":408,"vendor":409,"product":409,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":411},"Linux","linux","a",[412,419,422,425,428,431,434,437,440],{"version":413,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":417,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C fcab3f661dbfd88e27ddbbe65368f3fa2d823175",true,"bf5c25d608613eaf4dcdba5a9cac5b2afe67d635","including","fcab3f661dbfd88e27ddbbe65368f3fa2d823175","excluding",{"version":420,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":421,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C d44403ec0676317b7f7edf2a035bb219fee3304e","d44403ec0676317b7f7edf2a035bb219fee3304e",{"version":423,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":424,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C 8836c266201c29a5acb4f582227686f47b65ad61","8836c266201c29a5acb4f582227686f47b65ad61",{"version":426,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":427,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C d5790386595d06ea9decfd9ba5f1ea48cf09aa02","d5790386595d06ea9decfd9ba5f1ea48cf09aa02",{"version":429,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":430,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C 04c3eee4e13f60bf6f9a366ad39f88a01a57166e","04c3eee4e13f60bf6f9a366ad39f88a01a57166e",{"version":432,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":433,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C f99006e840a4dbc8f5a34cecc6b5b26c73ef49bb","f99006e840a4dbc8f5a34cecc6b5b26c73ef49bb",{"version":435,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":436,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C 6c26ed3c6abe86ddab0510529000b970b05c9b40","6c26ed3c6abe86ddab0510529000b970b05c9b40",{"version":438,"is_range":414,"range_type":88,"version_start":415,"version_start_type":416,"version_end":439,"version_end_type":418,"fixed_in":9},">= bf5c25d608613eaf4dcdba5a9cac5b2afe67d635, \u003C 2ea35288c83b3d501a88bc17f2df8f176b5cc96f","2ea35288c83b3d501a88bc17f2df8f176b5cc96f",{"version":441,"is_range":82,"range_type":88,"version_start":441,"version_start_type":416,"version_end":441,"version_end_type":416,"fixed_in":9},"4.16",{"ecosystem":9,"name":443,"vendor":409,"product":444,"cpe_part":445,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":446},"linux kernel","linux_kernel","o",[447,451,455,459,463,467,471],{"version":448,"is_range":414,"range_type":449,"version_start":441,"version_start_type":416,"version_end":450,"version_end_type":418,"fixed_in":9},"gte4.16_lt4.19.295","cpe","4.19.295",{"version":452,"is_range":414,"range_type":449,"version_start":453,"version_start_type":416,"version_end":454,"version_end_type":418,"fixed_in":9},"gte4.20_lt5.4.257","4.20","5.4.257",{"version":456,"is_range":414,"range_type":449,"version_start":457,"version_start_type":416,"version_end":458,"version_end_type":418,"fixed_in":9},"gte5.5_lt5.10.195","5.5","5.10.195",{"version":460,"is_range":414,"range_type":449,"version_start":461,"version_start_type":416,"version_end":462,"version_end_type":418,"fixed_in":9},"gte5.11_lt5.15.132","5.11","5.15.132",{"version":464,"is_range":414,"range_type":449,"version_start":465,"version_start_type":416,"version_end":466,"version_end_type":418,"fixed_in":9},"gte5.16_lt6.1.53","5.16","6.1.53",{"version":468,"is_range":414,"range_type":449,"version_start":469,"version_start_type":416,"version_end":470,"version_end_type":418,"fixed_in":9},"gte6.2_lt6.4.16","6.2","6.4.16",{"version":472,"is_range":414,"range_type":449,"version_start":473,"version_start_type":416,"version_end":474,"version_end_type":418,"fixed_in":9},"gte6.5_lt6.5.3","6.5","6.5.3"]