DEBIAN-CVE-2023-52659

Source
https://security-tracker.debian.org/tracker/CVE-2023-52659
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-52659.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-52659
Upstream
Published
2024-05-17T13:15:57Z
Modified
2025-09-30T03:54:34Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type

On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input by PAGE_SHIFT to calculate the physical address to provide a virtual address for.

One such example is in pvalidate_pages() (used by SEV-SNP guests), where the GFN in the struct used for page-state change requests is a 40-bit bit-field, so attempts to pass this GFN field directly into pfn_to_kaddr() end up causing guest crashes when dealing with addresses above the 1TB range due to the above.

Fix this issue with SEV-SNP guests, as well as any similar cases that might cause issues in current/future code, by using an inline function, instead of a macro, so that the input is implicitly cast to the expected 64-bit input type prior to performing the shift operation.

While it might be argued that the issue is on the caller side, other archs/macros have taken similar approaches to deal with instances like this, such as ARM explicitly casting the input to phys_addr_t:

e48866647b48 ("ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()")

A C inline function is even better though.

[ mingo: Refined the changelog some more & added __always_inline. ]
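The macro-versus-inline difference described above, as an added example that is not the kernel's code: a 40-bit bit-field is passed directly to both forms for a frame at the 1TB boundary. The struct layout, the `demo_`/`DEMO_` names and the direct-map base are constructed for illustration. Whether the macro form loses bits depends on how the compiler types a bit-field wider than `int` (GCC keeps the 40-bit width for the shift); a compiler that widens first gives the same result for both forms.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
/* Constructed direct-map base for the demo, not a value from the page. */
#define DEMO_PAGE_OFFSET 0xffff888000000000ULL

/* Constructed stand-in for a page-state-change entry with a 40-bit GFN. */
struct demo_psc_entry {
    uint64_t cur_page  : 12;
    uint64_t gfn       : 40;
    uint64_t operation : 4;
    uint64_t pagesize  : 1;
    uint64_t reserved  : 7;
};

/* Macro form: the shift is evaluated in whatever type the argument has. */
#define DEMO_PFN_TO_KADDR_MACRO(pfn) (DEMO_PAGE_OFFSET + ((pfn) << PAGE_SHIFT))

/* Inline form: the parameter type widens the argument to 64 bits first. */
static inline uint64_t demo_pfn_to_kaddr(uint64_t pfn)
{
    return DEMO_PAGE_OFFSET + (pfn << PAGE_SHIFT);
}

/* Pass the bit-field directly to each form, as the caller in the text does. */
uint64_t kaddr_via_macro(uint64_t gfn)
{
    struct demo_psc_entry e = { .gfn = gfn };
    return DEMO_PFN_TO_KADDR_MACRO(e.gfn);
}

uint64_t kaddr_via_inline(uint64_t gfn)
{
    struct demo_psc_entry e = { .gfn = gfn };
    return demo_pfn_to_kaddr(e.gfn);
}

int main(void)
{
    uint64_t gfn = 1ULL << 28;  /* first frame at the 1TB boundary */
    printf("macro : %#llx\n", (unsigned long long)kaddr_via_macro(gfn));
    printf("inline: %#llx\n", (unsigned long long)kaddr_via_inline(gfn));
    return 0;
}
```

Below 1TB the shifted value still fits in 40 bits, so both forms agree; the difference only appears once bit 40 of the physical address is needed.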

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.7.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.7.12-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}