What is CVE-2023-54181?

CVE-2023-54181 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.8 onward and patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-54181 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-54181?

CVE-2023-54181 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2023-54181?

Yes, CVE-2023-54181 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 5.8 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-54181 actively exploited?

CVE-2023-54181 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-54181

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it failed the bpf verifier, and the error log is "R3 pointer comparison prohibited". A simple reproducer as follows, SEC("cls-ingress") int ingress(struct __sk_buff *skb) { struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr); if ((long)(iph + 1) > (long)skb->data_end) return TC_ACT_STOLEN; return TC_ACT_OK; } Per discussion with Yonghong and Alexei [1], comparison of two packet pointers is not a pointer leak. This patch fixes it. Our local kernel is 6.1.y and we expect this fix to be backported to 6.1.y, so stable is CCed. [1]. https://lore.kernel.org/bpf/CAADnVQ+Nmspr7Si+pxWn8zkE7hX-7s93ugwC+94aXSy4uQ9vBg@mail.gmail.com/

Package Linux Kernel

Published 2025-12-30

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 5.8 and later are affected. Fixed in 6.1.53, 6.4.16, 6.5.3, 6.6 and their respective stable series.

Affected from

≥ 5.8

Fixed in

✓ 6.1.53 6.1.x ✓ 6.4.16 6.4.x ✓ 6.5.3 6.5.x ✓ 6.6

References

The following references provide additional information about CVE-2023-54181 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/5927f0172d2809d8fc09c1ba667280b0387e9f73
Patch
Kernel patch commit
https://git.kernel.org/stable/c/acfdc8b77016c8e648aadc283177546c88083dd3
Patch
Kernel patch commit
https://git.kernel.org/stable/c/c96c67991aac6401b4c6996093bccb704bb2ea4b
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2023-54181?

CVE-2023-54181 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.8 onward and has been patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-54181 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2023-54181?

Yes — CVE-2023-54181 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 5.8 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-54181 actively exploited?

No — CVE-2023-54181 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.