CVE-2023-53769 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy whole messages in or out as needed before doing any computation on them.

PUBLISHED Reserved 2025-12-08 | Published 2025-12-08 | Updated 2025-12-08 | Assigner Linux

Product status

Default status

unaffected

d5af44dde5461d125d1602ac913ab5c6bdf09b8b (git) before 577a64725bfd77645986168e953d405067ee565b

affected

d5af44dde5461d125d1602ac913ab5c6bdf09b8b (git) before c27dafc4aa50a29ec927b3aa84ac7b430071f682

affected

d5af44dde5461d125d1602ac913ab5c6bdf09b8b (git) before 4b69c63f716cfda38e1210e65b68f67f6cee2ddf

affected

d5af44dde5461d125d1602ac913ab5c6bdf09b8b (git) before 965006103a14703cc42043bbf9b5e0cdf7a468ad

affected

Default status

affected

5.19

affected

Any version before 5.19

unaffected

6.1.28 (semver)

unaffected

6.2.15 (semver)

unaffected

6.3.2 (semver)

unaffected

6.4 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/577a64725bfd77645986168e953d405067ee565b

git.kernel.org/...c/c27dafc4aa50a29ec927b3aa84ac7b430071f682

git.kernel.org/...c/4b69c63f716cfda38e1210e65b68f67f6cee2ddf

git.kernel.org/...c/965006103a14703cc42043bbf9b5e0cdf7a468ad

cve.org (CVE-2023-53769)

nvd.nist.gov (CVE-2023-53769)

help @ threatint.eu