CVE-2023-52476

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted for perf sampling, a specific call sequence can occur, leading to an unhandled page fault. The issue arises from the access to an address in the vsyscall region. To fix the bug, filtering for vsyscalls can be done when determining the branch type, returning a "none" branch if a kernel address is found to lie in the vsyscall region. The vulnerable function names include insn get emulate prefix(), insn get emulate prefix(), insn get prefixes(), insn get opcode(), decode branch type(), get branch type(), intel pmu lbr filter(), intel pmu handle irq(), and perf event nmi handler(). A macro peek nbyte next(insn byte t, insn, i) is also called, leading to a dereference of (insn)->next byte.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.