CVE-2023-53769
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
virt/coco/sev-guest: Double-buffer messages
The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy whole messages in or out as needed before doing any computation on them.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d5af44dde5461d125d1602ac913ab5c6bdf09b8b < 577a64725bfd77645986168e953d405067ee565b | affected |
| Linux | Linux | d5af44dde5461d125d1602ac913ab5c6bdf09b8b < c27dafc4aa50a29ec927b3aa84ac7b430071f682 | affected |
| Linux | Linux | d5af44dde5461d125d1602ac913ab5c6bdf09b8b < 4b69c63f716cfda38e1210e65b68f67f6cee2ddf | affected |
| Linux | Linux | d5af44dde5461d125d1602ac913ab5c6bdf09b8b < 965006103a14703cc42043bbf9b5e0cdf7a468ad | affected |
| Linux | Linux | 5.19 | affected |
| Linux | Linux | 0 < 5.19 | unaffected |
| Linux | Linux | 6.1.28 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.15 <= 6.2.* | unaffected |
| Linux | Linux | 6.3.2 <= 6.3.* | unaffected |
| Linux | Linux | 6.4 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/577a64725bfd77645986168e953d405067ee565b
- https://git.kernel.org/stable/c/c27dafc4aa50a29ec927b3aa84ac7b430071f682
- https://git.kernel.org/stable/c/4b69c63f716cfda38e1210e65b68f67f6cee2ddf
- https://git.kernel.org/stable/c/965006103a14703cc42043bbf9b5e0cdf7a468ad
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.