CVE-2023-53205 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler We do check for target CPU == -1, but this might change at the time we are going to use it. Hold the physical target CPU in a local variable to avoid out-of-bound accesses to the cpu arrays.

PUBLISHED Reserved 2025-09-15 | Published 2025-09-15 | Updated 2025-09-15 | Assigner Linux

Product status

Default status

unaffected

87e28a15c42cc592009c32a8c20e5789059027c2 (git) before a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5

affected

87e28a15c42cc592009c32a8c20e5789059027c2 (git) before 86bfb18bad60fc468e5f112cbbd918462a8dd435

affected

87e28a15c42cc592009c32a8c20e5789059027c2 (git) before dc7e0192c470a53d847c79a2796f9ac429477a26

affected

87e28a15c42cc592009c32a8c20e5789059027c2 (git) before 0bc380beb78aa352eadbc21d934dd9606fcee808

affected

Default status

affected

5.13

affected

Any version before 5.13

unaffected

5.15.121 (semver)

unaffected

6.1.39 (semver)

unaffected

6.4.4 (semver)

unaffected

6.5 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5

git.kernel.org/...c/86bfb18bad60fc468e5f112cbbd918462a8dd435

git.kernel.org/...c/dc7e0192c470a53d847c79a2796f9ac429477a26

git.kernel.org/...c/0bc380beb78aa352eadbc21d934dd9606fcee808

cve.org (CVE-2023-53205)

nvd.nist.gov (CVE-2023-53205)

Download JSON

help @ threatint.eu