CVE-2023-52994

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing commit f1e525009493

Description A vulnerability in the Linux kernel has been resolved, related to the Advanced Configuration and Power Interface (ACPI) handling when suspending the system under Xen PV. The issue arises from a missed code path accessing real mode header, leading to a NULL pointer dereference when suspending the system. This results in a kernel crash, as indicated by the BUG: kernel NULL pointer dereference message. The vulnerability is fixed by adding an optional ACPI callback to skip setting the wakeup address, which is handled by the hypervisor in the Xen PV case.

Recommendations For Linux kernel versions prior to the version containing commit f1e525009493, update to a version that includes the fix for the ACPI suspend issue with Xen PV. As a temporary workaround, consider disabling suspend functionality until a patched version is available. Restrict access to the acpi get wakeup address function to minimize the risk of exploitation. Avoid using the real mode header variable in sensitive code paths until the issue is resolved.