Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2023-54296

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/12/2025
Last modified:
30/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration<br /> <br /> Fix a goof where KVM tries to grab source vCPUs from the destination VM<br /> when doing intrahost migration. Grabbing the wrong vCPU not only hoses<br /> the guest, it also crashes the host due to the VMSA pointer being left<br /> NULL.<br /> <br /> BUG: unable to handle page fault for address: ffffe38687000000<br /> #PF: supervisor read access in kernel mode<br /> #PF: error_code(0x0000) - not-present page<br /> PGD 0 P4D 0<br /> Oops: 0000 [#1] SMP NOPTI<br /> CPU: 39 PID: 17143 Comm: sev_migrate_tes Tainted: GO 6.5.0-smp--fff2e47e6c3b-next #151<br /> Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.28.0 07/10/2023<br /> RIP: 0010:__free_pages+0x15/0xd0<br /> RSP: 0018:ffff923fcf6e3c78 EFLAGS: 00010246<br /> RAX: 0000000000000000 RBX: ffffe38687000000 RCX: 0000000000000100<br /> RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffe38687000000<br /> RBP: ffff923fcf6e3c88 R08: ffff923fcafb0000 R09: 0000000000000000<br /> R10: 0000000000000000 R11: ffffffff83619b90 R12: ffff923fa9540000<br /> R13: 0000000000080007 R14: ffff923f6d35d000 R15: 0000000000000000<br /> FS: 0000000000000000(0000) GS:ffff929d0d7c0000(0000) knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: ffffe38687000000 CR3: 0000005224c34005 CR4: 0000000000770ee0<br /> PKRU: 55555554<br /> Call Trace:<br /> <br /> sev_free_vcpu+0xcb/0x110 [kvm_amd]<br /> svm_vcpu_free+0x75/0xf0 [kvm_amd]<br /> kvm_arch_vcpu_destroy+0x36/0x140 [kvm]<br /> kvm_destroy_vcpus+0x67/0x100 [kvm]<br /> kvm_arch_destroy_vm+0x161/0x1d0 [kvm]<br /> kvm_put_kvm+0x276/0x560 [kvm]<br /> kvm_vm_release+0x25/0x30 [kvm]<br /> __fput+0x106/0x280<br /> ____fput+0x12/0x20<br /> task_work_run+0x86/0xb0<br /> do_exit+0x2e3/0x9c0<br /> do_group_exit+0xb1/0xc0<br /> __x64_sys_exit_group+0x1b/0x20<br /> do_syscall_64+0x41/0x90<br /> entry_SYSCALL_64_after_hwframe+0x63/0xcd<br /> <br /> CR2: ffffe38687000000

Impact

References to Advisories, Solutions, and Tools