7.1

CVE-2023-53259

VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF

In the Linux kernel, the following vulnerability has been resolved:

VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF

The call to get_user_pages_fast() in vmci_host_setup_notify() can return
NULL context->notify_page causing a GPF. To avoid GPF check if
context->notify_page == NULL and return error if so.

general protection fault, probably for non-canonical address
    0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI
KASAN: maybe wild-memory-access in range [0x0005088000000300-
    0x0005088000000307]
CPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1
Hardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014
RIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0
Call Trace:
 <TASK>
 vmci_host_unlocked_ioctl+0x362/0x1f40
 __x64_sys_ioctl+0x1a1/0x230
 do_syscall_64+0x3a/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.0 < 5.4.296
LinuxLinux Kernel Version >= 5.5 < 5.10.240
LinuxLinux Kernel Version >= 5.11 < 5.15.99
LinuxLinux Kernel Version >= 5.16 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
DebianDebian Linux Version11.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.036
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402
Patch
https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4
Patch
https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897
Patch
https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f
Patch
https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1
Patch
https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14
Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Third Party Advisory