-

CVE-2023-53273

EPSS 0.02%
Published 16.09.2025 08:11:08
Last modified 16.09.2025 12:49:16
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

Drivers: vmbus: Check for channel allocation before looking up relids

relid2channel() assumes vmbus channel array to be allocated when called.
However, in cases such as kdump/kexec, not all relids will be reset by the host.
When the second kernel boots and if the guest receives a vmbus interrupt during
vmbus driver initialization before vmbus_connect() is called, before it finishes,
or if it fails, the vmbus interrupt service routine is called which in turn calls
relid2channel() and can cause a null pointer dereference.

Print a warning and error out in relid2channel() for a channel id that's invalid
in the second kernel.

Affected products Warnungen 0 Metrics 1 CWE 0 References 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 176c6b4889195fbe7016d9401175b48c5c9edf68

Version 8b6a877c060ed6b86878fe66c7c6493a6054cf23

Status affected

Version < c373e49fbb87aa177819866ed9194ebc5414dfd6

Version 8b6a877c060ed6b86878fe66c7c6493a6054cf23

Status affected

Version < 8c3f0ae5435fd20bb1e3a8308488aa6ac33151ee

Version 8b6a877c060ed6b86878fe66c7c6493a6054cf23

Status affected

Version < a5c44f3446a0565139b7d8abc78f58b86c398123

Version 8b6a877c060ed6b86878fe66c7c6493a6054cf23

Status affected

Version < 1eb65c8687316c65140b48fad27133d583178e15

Version 8b6a877c060ed6b86878fe66c7c6493a6054cf23

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.8

Status affected

Version < 5.8

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.178

Status unaffected

Version <= 5.15.*

Version 5.15.107

Status unaffected

Version <= 6.1.*

Version 6.1.24

Status unaffected

Version <= 6.2.*

Version 6.2.11

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.048

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/176c6b4889195fbe7016d9401175b48c5c9edf68

https://git.kernel.org/stable/c/c373e49fbb87aa177819866ed9194ebc5414dfd6

https://git.kernel.org/stable/c/8c3f0ae5435fd20bb1e3a8308488aa6ac33151ee

https://git.kernel.org/stable/c/a5c44f3446a0565139b7d8abc78f58b86c398123

https://git.kernel.org/stable/c/1eb65c8687316c65140b48fad27133d583178e15

https://nvd.nist.gov/vuln/detail/CVE-2023-53273

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53273

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53273

EUVD