{"id":"CVE-2023-53782","summary":"dccp: Fix out of bounds access in DCCP error handler","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndccp: Fix out of bounds access in DCCP error handler\n\nThere was a previous attempt to fix an out-of-bounds access in the DCCP\nerror handlers, but that fix assumed that the error handlers only want\nto access the first 8 bytes of the DCCP header. Actually, they also look\nat the DCCP sequence number, which is stored beyond 8 bytes, so an\nexplicit pskb_may_pull() is required.","modified":"2026-03-31T17:29:32.355452474Z","published":"2025-12-09T00:00:37.741Z","related":["SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53782.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3533e10272555c422a7d51ebc0ce8c483429f7f2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4b8a938e329ae4eb54b73b0c87b5170607b038a8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7a7dd70cb954d3efa706a429687ded88c02496fa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/977ad86c2a1bcaf58f01ab98df5cc145083c489c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d8171411a661253e6271fa10b65b46daf1b6471c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ec620c34f5fa5d055f9f6136a387755db6157712"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f8a7f10a1dccf9868ff09342a73dce27501b86df"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53782.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53782"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6706a97fec963d6cb3f7fc2978ec1427b4651214"},{"fixed":"3533e10272555c422a7d51ebc0ce8c483429f7f2"},{"fixed":"177212bf6dc1ff2d13d0409cddc5c9e81feec63d"},{"fixed":"7a7dd70cb954d3efa706a429687ded88c02496fa"},{"fixed":"4b8a938e329ae4eb54b73b0c87b5170607b038a8"},{"fixed":"6ecf09699eb1554299aa1e7fd13e9e80f656c2f9"},{"fixed":"f8a7f10a1dccf9868ff09342a73dce27501b86df"},{"fixed":"d8171411a661253e6271fa10b65b46daf1b6471c"},{"fixed":"ec620c34f5fa5d055f9f6136a387755db6157712"},{"fixed":"977ad86c2a1bcaf58f01ab98df5cc145083c489c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"96106a207ae972d8f9e4815e84c159f29e4bbee7"},{"last_affected":"261def571d19d3b4e2228643c5c0ac89f5e10d15"},{"last_affected":"dbf1719c65fb0368a94d15767c669e47e295a073"},{"last_affected":"46b1ffd4738a3ee04b2e8f5a4b8cfc39e9c722a2"},{"last_affected":"a2df29ed840f90e459a3f8ff029b216be3912731"},{"last_affected":"ba93cf7d2118774c0b2dcfccc8ae999427815caa"},{"last_affected":"4ca7e66fcce02459fa6961979f9fe30ae1098cf0"},{"last_affected":"bd380617d5d161ea2bbe7a8073b3ca7bca0381e5"},{"last_affected":"bfe7d1dee859cad6802f8e21a0a863f408114612"},{"last_affected":"968953df833c61fce5adcc0612efeaced24e5719"},{"last_affected":"99131760a8851e6e5b2c9b24d0a68a3068923a08"},{"last_affected":"84d9c612bb7a9e44c6bf286bedfbe72a6d2d71d4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53782.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.9.0"},{"fixed":"4.14.326"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.295"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.257"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.195"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.132"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.53"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.4.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.5.0"},{"fixed":"6.5.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53782.json"}}],"schema_version":"1.7.5"}