CVE-2023-53205 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler

We do check for target CPU == -1, but this might change at the time we
are going to use it. Hold the physical target CPU in a local variable to
avoid out-of-bound accesses to the cpu arrays.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0bc380beb78aa352eadbc21d934dd9606fcee808
https://git.kernel.org/stable/c/86bfb18bad60fc468e5f112cbbd918462a8dd435
https://git.kernel.org/stable/c/a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5
https://git.kernel.org/stable/c/dc7e0192c470a53d847c79a2796f9ac429477a26

History

Mon, 15 Sep 2025 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler We do check for target CPU == -1, but this might change at the time we are going to use it. Hold the physical target CPU in a local variable to avoid out-of-bound accesses to the cpu arrays.
Title		KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler
References		https://git.kernel.org/stable/c/0bc380beb78aa352eadbc21d934dd9606fcee808 https://git.kernel.org/stable/c/86bfb18bad60fc468e5f112cbbd918462a8dd435 https://git.kernel.org/stable/c/a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5 https://git.kernel.org/stable/c/dc7e0192c470a53d847c79a2796f9ac429477a26

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-15T14:21:33.560Z

Updated: 2025-09-15T14:21:33.560Z

Reserved: 2025-09-15T13:59:19.068Z

Link: CVE-2023-53205

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-15T15:15:46.977

Modified: 2025-09-15T15:22:27.090

Link: CVE-2023-53205

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53205", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-15T13:59:19.068Z", "datePublished": "2025-09-15T14:21:33.560Z", "dateUpdated": "2025-09-15T14:21:33.560Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-15T14:21:33.560Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390/diag: fix racy access of physical cpu number in diag 9c handler\n\nWe do check for target CPU == -1, but this might change at the time we\nare going to use it. Hold the physical target CPU in a local variable to\navoid out-of-bound accesses to the cpu arrays."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/kvm/diag.c"], "versions": [{"version": "87e28a15c42cc592009c32a8c20e5789059027c2", "lessThan": "a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5", "status": "affected", "versionType": "git"}, {"version": "87e28a15c42cc592009c32a8c20e5789059027c2", "lessThan": "86bfb18bad60fc468e5f112cbbd918462a8dd435", "status": "affected", "versionType": "git"}, {"version": "87e28a15c42cc592009c32a8c20e5789059027c2", "lessThan": "dc7e0192c470a53d847c79a2796f9ac429477a26", "status": "affected", "versionType": "git"}, {"version": "87e28a15c42cc592009c32a8c20e5789059027c2", "lessThan": "0bc380beb78aa352eadbc21d934dd9606fcee808", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/s390/kvm/diag.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.121", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.39", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.4", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "5.15.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.1.39"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.4.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a9ccf140a2a03a0ae82be4bdfbdd17bdaea72ff5"}, {"url": "https://git.kernel.org/stable/c/86bfb18bad60fc468e5f112cbbd918462a8dd435"}, {"url": "https://git.kernel.org/stable/c/dc7e0192c470a53d847c79a2796f9ac429477a26"}, {"url": "https://git.kernel.org/stable/c/0bc380beb78aa352eadbc21d934dd9606fcee808"}], "title": "KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler", "x_generator": {"engine": "bippy-1.2.0"}}}}