Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-52659): Linux kernel vulnerabilities

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Ubuntu: (Multiple Advisories) (CVE-2023-52659): Linux kernel vulnerabilities

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
05/17/2024
Created
07/02/2024
Added
07/01/2024
Modified
07/15/2024

Description

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input by PAGE_SHIFT to calculate the physical address to provide a virtual address for. One such example is in pvalidate_pages() (used by SEV-SNP guests), where the GFN in the struct used for page-state change requests is a 40-bit bit-field, so attempts to pass this GFN field directly into pfn_to_kaddr() ends up causing guest crashes when dealing with addresses above the 1TB range due to the above. Fix this issue with SEV-SNP guests, as well as any similar cases that might cause issues in current/future code, by using an inline function, instead of a macro, so that the input is implicitly cast to the expected 64-bit input type prior to performing the shift operation. While it might be argued that the issue is on the caller side, other archs/macros have taken similar approaches to deal with instances like this, such as ARM explicitly casting the input to phys_addr_t: e48866647b48 ("ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()") A C inline function is even better though. [ mingo: Refined the changelog some more & added __always_inline. ]

Solution(s)

  • ubuntu-upgrade-linux-image-6-8-0-1004-gke
  • ubuntu-upgrade-linux-image-6-8-0-1005-raspi
  • ubuntu-upgrade-linux-image-6-8-0-1006-ibm
  • ubuntu-upgrade-linux-image-6-8-0-1006-oem
  • ubuntu-upgrade-linux-image-6-8-0-1006-oracle
  • ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k
  • ubuntu-upgrade-linux-image-6-8-0-1008-azure
  • ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde
  • ubuntu-upgrade-linux-image-6-8-0-1008-gcp
  • ubuntu-upgrade-linux-image-6-8-0-1009-aws
  • ubuntu-upgrade-linux-image-6-8-0-35-generic
  • ubuntu-upgrade-linux-image-6-8-0-35-generic-64k
  • ubuntu-upgrade-linux-image-6-8-0-35-lowlatency
  • ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k
  • ubuntu-upgrade-linux-image-aws
  • ubuntu-upgrade-linux-image-azure
  • ubuntu-upgrade-linux-image-azure-fde
  • ubuntu-upgrade-linux-image-gcp
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-64k
  • ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
  • ubuntu-upgrade-linux-image-generic-hwe-24-04
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-gke
  • ubuntu-upgrade-linux-image-ibm
  • ubuntu-upgrade-linux-image-ibm-classic
  • ubuntu-upgrade-linux-image-ibm-lts-24-04
  • ubuntu-upgrade-linux-image-kvm
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-lowlatency-64k
  • ubuntu-upgrade-linux-image-oem-24-04
  • ubuntu-upgrade-linux-image-oem-24-04a
  • ubuntu-upgrade-linux-image-oracle
  • ubuntu-upgrade-linux-image-oracle-64k
  • ubuntu-upgrade-linux-image-raspi
  • ubuntu-upgrade-linux-image-virtual
  • ubuntu-upgrade-linux-image-virtual-hwe-24-04

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;