-

CVE-2023-53474

EPSS 0.03%
Published 01.10.2025 12:15:49
Last modified 02.10.2025 19:12:17
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

x86/MCE/AMD: Use an u64 for bank_map

Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see

  a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64").

However, the bank_map which contains a bitfield of which banks to
initialize is of type unsigned int and that overflows when those bit
numbers are >= 32, leading to UBSAN complaining correctly:

  UBSAN: shift-out-of-bounds in arch/x86/kernel/cpu/mce/amd.c:1365:38
  shift exponent 32 is too large for 32-bit type 'int'

Change the bank_map to a u64 and use the proper BIT_ULL() macro when
modifying bits in there.

  [ bp: Rewrite commit message. ]

Affected products Warnungen 0 Metrics 1 CWE 0 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < a9b9ea0e63a0ec5e97bf1219ab6dcbd55e362f83

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

Version < 11c58a0c1937c157dbdf82d5ab634d68c99f3098

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

Version < ba8ffb1251eb629c2ec35220e3896cf4f7b888a7

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

Version < 9669fa17287c3af2bbd4868d4c8fdd9e57f8332e

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

Version < 67bb7521b6420d81dab7538c0686f18f7d6d09f4

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

Version < 4c1cdec319b9aadb65737c3eb1f5cb74bd6aa156

Version a0bc32b3cacf194dc479b342f006203fd1e1941a

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 5.10

Status affected

Version < 5.10

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.180

Status unaffected

Version <= 5.15.*

Version 5.15.111

Status unaffected

Version <= 6.1.*

Version 6.1.28

Status unaffected

Version <= 6.2.*

Version 6.2.15

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/11c58a0c1937c157dbdf82d5ab634d68c99f3098

https://git.kernel.org/stable/c/4c1cdec319b9aadb65737c3eb1f5cb74bd6aa156

https://git.kernel.org/stable/c/67bb7521b6420d81dab7538c0686f18f7d6d09f4

https://git.kernel.org/stable/c/9669fa17287c3af2bbd4868d4c8fdd9e57f8332e

https://git.kernel.org/stable/c/a9b9ea0e63a0ec5e97bf1219ab6dcbd55e362f83

https://git.kernel.org/stable/c/ba8ffb1251eb629c2ec35220e3896cf4f7b888a7

https://nvd.nist.gov/vuln/detail/CVE-2023-53474

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53474

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53474

EUVD