CVE-2023-54092

Summary

In the Linux kernel, the following vulnerability has been resolved:

KVM: s390: pv: fix index value of replaced ASCE

The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should also be set to 0.

Having the wrong index might lead to the wrong addresses being passed around when notifying pte invalidations, and eventually to validity intercepts (VM crash) if the prefix gets unmapped and the notifier gets called with the wrong address.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9d216035d173214cd33712d67d89220ef2283ebf < 8e635da0e0d3cb45e32fa79b36218fb98281bc10affected
LinuxLinux81ea65c9aefe100a9ace3082649bd84ae7dd9764 < 49a2686adddebe1ae76b4d368383208656ef6606affected
LinuxLinuxfaa2f72cb3569256480c5540d242c84e99965160 < 017f686bcb536ff23d49c143fdf9d1fd89a9a924affected
LinuxLinuxfaa2f72cb3569256480c5540d242c84e99965160 < f1c7a776338f2ac5e34da40e58fe9f33ea390a5eaffected
LinuxLinuxfaa2f72cb3569256480c5540d242c84e99965160 < c2fceb59bbda16468bda82b002383bff59de89abaffected
LinuxLinuxb5477f53e1d4de6191f50748a027251b14952eebaffected
LinuxLinux63c71e83d5b6ab8adb5fcebef977052048016957affected
LinuxLinux5.10.137 < 5.10.190affected
LinuxLinux5.15.61 < 5.15.124affected
LinuxLinux5.18.18 < 5.19affected
LinuxLinux5.19.2 < 5.20affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux5.10.190 <= 5.10.*unaffected
LinuxLinux5.15.124 <= 5.15.*unaffected
LinuxLinux6.1.43 <= 6.1.*unaffected
LinuxLinux6.4.8 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References