CVE-2023-53782
Published Dec 9, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of the DCCP header. Actually, they also look at the DCCP sequence number, which is stored beyond 8 bytes, so an explicit pskb_may_pull() is required.
Is your site exposed to CVE-2023-53782?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d
https://git.kernel.org/stable/c/3533e10272555c422a7d51ebc0ce8c483429f7f2
https://git.kernel.org/stable/c/4b8a938e329ae4eb54b73b0c87b5170607b038a8
https://git.kernel.org/stable/c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9
https://git.kernel.org/stable/c/7a7dd70cb954d3efa706a429687ded88c02496fa
https://git.kernel.org/stable/c/977ad86c2a1bcaf58f01ab98df5cc145083c489c
https://git.kernel.org/stable/c/d8171411a661253e6271fa10b65b46daf1b6471c
https://git.kernel.org/stable/c/ec620c34f5fa5d055f9f6136a387755db6157712
https://git.kernel.org/stable/c/f8a7f10a1dccf9868ff09342a73dce27501b86df
Frequently Asked Questions
What is CVE-2023-53782? +
In the Linux kernel, the following vulnerability has been resolved:
dccp: Fix out of bounds access in DCCP error handler
There was a previous attempt to fix an out-of-bounds access in the DCCP
error handlers, but that fix assumed that the error handlers only want
to access the first 8 bytes of the DCCP header. Actually, they also look
at the DCCP sequence number, which is stored beyond 8 bytes, so an
explicit pskb_may_pull() is required.
How do I check if I'm vulnerable to CVE-2023-53782? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.