Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2023-53702

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/10/2025
Last modified:
22/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> s390/crypto: use vector instructions only if available for ChaCha20<br /> <br /> Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for<br /> ChaCha20") added a library interface to the s390 specific ChaCha20<br /> implementation. However no check was added to verify if the required<br /> facilities are installed before branching into the assembler code.<br /> <br /> If compiled into the kernel, this will lead to the following crash,<br /> if vector instructions are not available:<br /> <br /> data exception: 0007 ilc:3 [#1] SMP<br /> Modules linked in:<br /> CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.3.0-rc7+ #11<br /> Hardware name: IBM 3931 A01 704 (KVM/Linux)<br /> Krnl PSW : 0704e00180000000 000000001857277a (chacha20_vx+0x32/0x818)<br /> R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3<br /> Krnl GPRS: 0000037f0000000a ffffffffffffff60 000000008184b000 0000000019f5c8e6<br /> 0000000000000109 0000037fffb13c58 0000037fffb13c78 0000000019bb1780<br /> 0000037fffb13c58 0000000019f5c8e6 000000008184b000 0000000000000109<br /> 00000000802d8000 0000000000000109 0000000018571ebc 0000037fffb13718<br /> Krnl Code: 000000001857276a: c07000b1f80b larl %r7,0000000019bb1780<br /> 0000000018572770: a708000a lhi %r0,10<br /> #0000000018572774: e78950000c36 vlm %v24,%v25,0(%r5),0<br /> &gt;000000001857277a: e7a060000806 vl %v26,0(%r6),0<br /> 0000000018572780: e7bf70004c36 vlm %v27,%v31,0(%r7),4<br /> 0000000018572786: e70b00000456 vlr %v0,%v27<br /> 000000001857278c: e71800000456 vlr %v1,%v24<br /> 0000000018572792: e74b00000456 vlr %v4,%v27<br /> Call Trace:<br /> [] chacha20_vx+0x32/0x818<br /> Last Breaking-Event-Address:<br /> [] chacha20_crypt_s390.constprop.0+0x6e/0xd8<br /> ---[ end trace 0000000000000000 ]---<br /> Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b<br /> <br /> Fix this by adding a missing MACHINE_HAS_VX check.<br /> <br /> [agordeev@linux.ibm.com: remove duplicates in commit message]

Impact

References to Advisories, Solutions, and Tools