CVE-2024-53195

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises from the improper use of userspace irqchip in use in the Linux kernel, specifically in the KVM arm64 component. This leads to a WARN ON() in kvm timer update irq(). The sequence of events that causes this issue involves userspace creating a VM and a vCPU, initializing the vCPU with KVM ARM VCPU PMU V3, and then issuing KVM RUN without proper setup, resulting in kvm arm pmu v3 enable() failing. If userspace ignores this error and issues KVM ARM VCPU INIT again, it can lead to the WARN ON() being hit. The functionality of userspace irqchip in use can be replaced by !irqchip in kernel(), which helps avoid this mismanagement.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-672

Related Identifiers

AZL-68303

BDU:2026-01442

CVE-2024-53195

ECHO-8804-5ADD-9D0F

OESA-2025-1159

OESA-2025-1160

OPENSUSE-SU-2025_0428-1

OPENSUSE-SU-2025_0499-1

OPENSUSE-SU-2025_0557-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0557-1

SUSE-SU-2025:20165-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20248-1

SUSE-SU-2025:20249-1

SUSE-SU-2025_0428-1

SUSE-SU-2025_0499-1

SUSE-SU-2025_0557-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Debian

Linuxmint

Linux Kernel

Suse

Ubuntu

CVE-2024-53195

Weakness Enumeration

Related Identifiers

Affected Products

References · 2558