CVE-2023-54092

In the Linux kernel, the following vulnerability has been resolved:

KVM: s390: pv: fix index value of replaced ASCE

The index field of the struct page corresponding to a guest ASCE should
be 0. When replacing the ASCE in s390_replace_asce(), the index of the
new ASCE should also be set to 0.

Having the wrong index might lead to the wrong addresses being passed
around when notifying pte invalidations, and eventually to validity
intercepts (VM crash) if the prefix gets unmapped and the notifier gets
called with the wrong address.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.12-1
fixed
sid
6.17.13-1
fixed
References
https://git.kernel.org/stable/c/017f686bcb536ff23d49c143fdf9d1fd89a9a924
https://git.kernel.org/stable/c/49a2686adddebe1ae76b4d368383208656ef6606
https://git.kernel.org/stable/c/8e635da0e0d3cb45e32fa79b36218fb98281bc10
https://git.kernel.org/stable/c/c2fceb59bbda16468bda82b002383bff59de89ab
https://git.kernel.org/stable/c/f1c7a776338f2ac5e34da40e58fe9f33ea390a5e