CVE-2023-53477: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability has been identified and resolved related to IPv6 nexthop length calculation in the rt6nlmsgsize() function. The issue occurs when calculating the nexthop length by multiplying the nexthop length of fib6info and the number of siblings. If the fib6info has no lwtunnel but the siblings have lwtunnels, the calculated nexthop length is less than required, triggering a warning in inet6rtnotify() (NVD).

The vulnerability manifests in the rt6nlmsgsize() function where the nexthop length calculation is incorrect when dealing with lwtunnel encapsulation sizes. The bug can be reproduced by creating multiple IPv6 routes with different encapsulation configurations. The issue triggers a warning at net/ipv6/route.c:6180 in the inet6rtnotify function (NVD).

When triggered, this vulnerability results in incorrect nexthop length calculations that can cause system warnings and potential routing issues in IPv6 configurations. The impact appears to be primarily related to system stability and networking functionality rather than security exploitation (NVD).

The vulnerability has been patched by modifying the nexthop length calculation to properly account for all siblings using rt6nhnlmsg_size(). The fix ensures proper calculation of lwtunnel encapsulation sizes for all sibling routes (NVD).