Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2023-53438

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
18/09/2025
Última modificación:
19/09/2025

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> x86/MCE: Always save CS register on AMD Zen IF Poison errors<br /> <br /> The Instruction Fetch (IF) units on current AMD Zen-based systems do not<br /> guarantee a synchronous #MC is delivered for poison consumption errors.<br /> Therefore, MCG_STATUS[EIPV|RIPV] will not be set. However, the<br /> microarchitecture does guarantee that the exception is delivered within<br /> the same context. In other words, the exact rIP is not known, but the<br /> context is known to not have changed.<br /> <br /> There is no architecturally-defined method to determine this behavior.<br /> <br /> The Code Segment (CS) register is always valid on such IF unit poison<br /> errors regardless of the value of MCG_STATUS[EIPV|RIPV].<br /> <br /> Add a quirk to save the CS register for poison consumption from the IF<br /> unit banks.<br /> <br /> This is needed to properly determine the context of the error.<br /> Otherwise, the severity grading function will assume the context is<br /> IN_KERNEL due to the m-&gt;cs value being 0 (the initialized value). This<br /> leads to unnecessary kernel panics on data poison errors due to the<br /> kernel believing the poison consumption occurred in kernel context.

Impacto