CVE-2023-54149

🗓️ 24 Dec 2025 13:07:00Reported by LinuxType

CVE-2023-54149: DSA master calls vlan_for_each without rtnl_lock, risking suspicious RCU usage.

Reporter	Title	Published	Views	Family All 34
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	3 May 202623:59	–	astralinux
Circl	CVE-2023-54149	19 Mar 202600:00	–	circl
CNNVD	Linux kernel 安全漏洞	24 Dec 202500:00	–	cnnvd
Cvelist	CVE-2023-54149 net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses	24 Dec 202513:07	–	cvelist
Debian CVE	CVE-2023-54149	24 Dec 202513:07	–	debiancve
EUVD	EUVD-2023-60296	24 Dec 202515:30	–	euvd
NVD	CVE-2023-54149	24 Dec 202513:16	–	nvd
OpenVAS	openSUSE Security Advisory (SUSE-SU-2026:0293-1)	28 Jan 202600:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2026:0293-1)	28 Jan 202600:00	–	openvas
OSV	BELL-CVE-2023-54149	25 Dec 202506:06	–	osv

Vulners

CNA

Node

linux linux_kernelRange6.2.10–6.3

linux linux_kernelRange6.3–6.3.13

linux linux_kernelRange6.4.0–6.4.4

linux linux_kernelRange6.5.0≥

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/net/dsa.h",
      "net/dsa/dsa.c",
      "net/dsa/slave.c",
      "net/dsa/switch.c",
      "net/dsa/switch.h"
    ],
    "versions": [
      {
        "version": "64fdc5f341db01200e33105265d4b8450122a82e",
        "lessThan": "3948c69b3837fec2ee5a90fbc911c343199be0ac",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "64fdc5f341db01200e33105265d4b8450122a82e",
        "lessThan": "3f9e79f31e51b7d5bf95c617540deb6cf2816a3f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "64fdc5f341db01200e33105265d4b8450122a82e",
        "lessThan": "d06f925f13976ab82167c93467c70a337a0a3cda",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "2daf967a24334865e51520e55190a646dd480cd7",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6.2.10",
        "lessThan": "6.3",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "include/net/dsa.h",
      "net/dsa/dsa.c",
      "net/dsa/slave.c",
      "net/dsa/switch.c",
      "net/dsa/switch.h"
    ],
    "versions": [
      {
        "version": "6.3",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.3",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.3.13",
        "lessThanOrEqual": "6.3.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.4.4",
        "lessThanOrEqual": "6.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.5",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/3948c69b3837fec2ee5a90fbc911c343199be0ac
git	www.git.kernel.org/stable/c/d06f925f13976ab82167c93467c70a337a0a3cda
git	www.git.kernel.org/stable/c/3f9e79f31e51b7d5bf95c617540deb6cf2816a3f

17 Jun 2026 06:46Current

6.1Medium risk

Vulners AI Score6.1

EPSS0.00166