CVE-2023-53713

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw related to the Scalable Vector Extension (SVE) mode and the Floating-point Feature Register (FFR). Specifically, when saving the SVE state in streaming SVE mode, the FFR register is inaccessible. A previous commit attempted to clear the FFR field in the in-memory context structure using an 8-byte store. However, this approach fails to clear the entire field or corrupts memory if the SME vector length is not 64 bytes. This issue has resulted in intermittent kfence splats during continuous integration and kmalloc Redzone corruption messages during the 'fp-stress' kselftest. The issue is addressed by replacing the 8-byte store with a store of a predicate register initialized with PFALSE, ensuring complete field clearing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.