PT-2023-6490 · Linux+8 · Linux Kernel+8

Tom Dohrmann

·

Published

2023-10-09

·

Updated

2025-11-11

·

CVE-2023-46813

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.9
Description The issue is caused by errors in synchronization when using a shared resource, potentially allowing an attacker to execute arbitrary code. It involves incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses, which could lead to arbitrary write access to kernel memory and thus privilege escalation. This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it.
Recommendations For Linux kernel versions prior to 6.5.9, update to version 6.5.9 or later to resolve the issue. As a temporary workaround, consider restricting access to MMIO registers to minimize the risk of exploitation. Avoid using the #VC handler and SEV-ES emulation of MMIO accesses in sensitive operations until the issue is resolved.

Exploit

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2024:0897
ALSA-2024_0897
ALSA-2024_10939
ALSA-2024_10943
ALSA-2024_10944
ALSA-2024_1607
ALSA-2024_2394
ALSA-2024_2758
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALSA-2025_18281
ALSA-2025_19102
ALSA-2025_19103
ALSA-2025_19409
ALSA-2025_20518
ALT-PU-2023-7472
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-31815
AZL-34802
BDU:2023-07236
CESA-2024_0881
CESA-2024_0897
CVE-2023-46813
DLA-3711-1
DSA-5594-1
ELSA-2024-0461
ELSA-2024-0897
ELSA-2024-12094
ELSA-2024-12159
ELSA-2024-12187
MGASA-2023-0328
MGASA-2023-0331
OESA-2023-1797
OESA-2023-1798
OESA-2023-1799
OPENSUSE-SU-2023_4345-1
OPENSUSE-SU-2023_4351-1
OPENSUSE-SU-2023_4375-1
OPENSUSE-SU-2023_4414-1
OPENSUSE-SU-2023_4732-1
OPENSUSE-SU-2024:13405-1
OPENSUSE-SU-2024:13704-1
RHSA-2024:0431
RHSA-2024:0432
RHSA-2024:0439
RHSA-2024:0448
RHSA-2024:0461
RHSA-2024:0575
RHSA-2024:0724
RHSA-2024:0881
RHSA-2024:0897
RHSA-2024_0461
RHSA-2024_0881
RHSA-2024_0897
SUSE-SU-2023:4345-1
SUSE-SU-2023:4351-1
SUSE-SU-2023:4375-1
SUSE-SU-2023:4414-1
SUSE-SU-2023:4732-1
SUSE-SU-2023_4375-1
SUSE-SU-2023_4414-1
SUSE-SU-2023_4732-1
SUSE-SU-2024:0986-1
SUSE-SU-2024:0995-1
SUSE-SU-2024:1023-1
SUSE-SU-2024:1039-1
SUSE-SU-2024:1045-1
SUSE-SU-2024:1063-1
SUSE-SU-2024:1097-1
USN-6533-1
USN-6624-1
USN-6626-1
USN-6626-2
USN-6626-3
USN-6628-1
USN-6628-2
USN-6652-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu