CVE-2023-53663: Reachable Assertion in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 98.22%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 7

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: nSVM: Check instead of asserting on nested TSC scaling support

Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1's MSR_AMD64_TSC_RATIO has diverged from KVM's default. Userspace can trigger the WARN at will by writing the MSR and then updating guest CPUID to hide the feature (modifying guest CPUID is allowed anytime before KVM_RUN). E.g. hacking KVM's sta

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel, 5.16 – 6.1.54 (+1)
Debian: linux/linux_kernel, < 6.1.55-1 (+2)
CVEListV5: linux/linux, 5228eb96a4875f8cf5d61d486e3795ac14df8904 – 6c1ecfea1daf6e75c46e295aad99dfbafd878897 (+3)
debian: debian/linux, < linux 6.1.55-1 (bookworm)

Patches

🔴 Vulnerability Details (2)

GHSA
GHSA-92f6-rh29-hfq6: In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for ne (2025-10-07)
OSV
CVE-2023-53663: In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nest (2025-10-07)

📋 Vendor Advisories (2)

Red Hat
kernel: KVM: nSVM: Check instead of asserting on nested TSC scaling support (2025-10-07)
Debian
CVE-2023-53663: linux - In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: ... (2023)