CVE-2023-53713: Out-of-bounds Write in Linux

Severity: 5.3 MEDIUM (no vector)
EPSS: 0.0% (top 92.28%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

arm64: sme: Use STR P to clear FFR context field in streaming SVE mode

The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the SVE state in streaming SVE mode, the FFR register is inaccessible and so commit 9f5848665788 ("arm64/sve: Make access to FFR optional") simply clears the FFR field of the in-memory context structure. Unfortunately, it a

Affected Packages (4 packages)

Linux: linux/linux_kernel 5.16.0 6.1.39 +2
Debian: linux/linux_kernel < 6.1.52-1 +2
CVEListV5: linux/linux 9f5848665788a0f07bc175cb2cdd06d367b7556e 97669214944e80d3756657c21c4f286f3da6a423 +4
debian: debian/linux < linux 6.1.52-1 (bookworm)

Vulnerability Details (3)

GHSA: GHSA-f5qp-mjwc-27gf: In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR i (2025-10-22)
OSV: CVE-2023-53713: In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is (2025-10-22)
OSV: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode (2025-10-22)

Vendor Advisories (2)

Red Hat: kernel: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode (2025-10-22)
Debian: CVE-2023-53713: linux - In the Linux kernel, the following vulnerability has been resolved: arm64: sme:... (2023)