CVE-2023-53706Type Confusion in Linux

CWE-843Type Confusion6 documents5 sources
Severity
5.8MEDIUM
No vector
EPSS
0.0%
top 92.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 ("mm/sparse-vmemmap: improve memory savings for compound devmaps") added support for using optimized vmmemap for devdax devices. But how vmemmap mappings are created are architecture specific. For example, powerpc with hash translation doesn't have vmemmap mappings in init_mm page table instead they are bolted table entries in the hardware page

Affected Packages4 packages

Linuxlinux/linux_kernel5.19.06.3.5
Debianlinux/linux_kernel< 6.3.7-1+1
CVEListV5linux/linux4917f55b4ef963e2d2288fe4eb651728be8db4068f4603588acf5807aa1f1b4b1ea2b0365acd71f0+2
debiandebian/linux< linux 6.3.7-1 (forky)

🔴Vulnerability Details

3
GHSA
GHSA-6xfg-j7h4-rj4m: In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b42025-10-22
OSV
CVE-2023-53706: In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef2025-10-22
OSV
mm/vmemmap/devdax: fix kernel crash when probing devdax devices2025-10-22

📋Vendor Advisories

2
Red Hat
kernel: mm/vmemmap/devdax: fix kernel crash when probing devdax devices2025-10-22
Debian
CVE-2023-53706: linux - In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/...2023