CVE-2023-53756Access of Uninitialized Pointer in Linux

CWE-824Access of Uninitialized Pointer6 documents5 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 8

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcs_touch_msr_bitmap function uses current_vmcs per-cpu variable to mark that the msr bitmap was changed. vmx_vcpu_create() modifies the msr bitmap via vmx_disable_intercept_for_msr -> vmx_msr_bitmap_l01_changed which in the end c

Affected Packages4 packages

Linuxlinux/linux_kernel4.18.05.10.175+3
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxceef7d10dfb6284d512c499292e6daa35ea83f906baebcecf09acd19e2bab1c2911dcdba5d48a1dc+5
debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

3
OSV
KVM: VMX: Fix crash due to uninitialized current_vmcs2025-12-08
OSV
CVE-2023-53756: In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened VMC2025-12-08
GHSA
GHSA-5h86-42q5-w9hr: In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized current_vmcs KVM enables 'Enlightened V2025-12-08

📋Vendor Advisories

2
Red Hat
kernel: KVM: VMX: Fix crash due to uninitialized current_vmcs2025-12-08
Debian
CVE-2023-53756: linux - In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: F...2023