CVE-2023-53702Unchecked Return Value in Linux

CWE-252Unchecked Return Value6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 implementation. However no check was added to verify if the required facilities are installed before branching into the assembler code. If compiled into the kernel, this will lead to the following crash, if vector instructio

Affected Packages4 packages

Linuxlinux/linux_kernel5.19.06.1.30+1
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux349d03ffd5f62c298fd667ffa397c3fdc5c6194b25e8d30507aa2f251152df1af7809e85b5538f4a+3
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
s390/crypto: use vector instructions only if available for ChaCha202025-10-22
OSV
CVE-2023-53702: In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03f2025-10-22
GHSA
GHSA-28rv-6x7m-q268: In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d02025-10-22

📋Vendor Advisories

2
Red Hat
kernel: s390/crypto: use vector instructions only if available for ChaCha202025-10-22
Debian
CVE-2023-53702: linux - In the Linux kernel, the following vulnerability has been resolved: s390/crypto...2023