CVE-2023-53756

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the KVM component, specifically related to nested hypervisor operation on Hyper-V. The issue stems from an uninitialized current vmcs variable within the evmcs touch msr bitmap function, leading to a potential crash when updating the MSR bitmap. This occurs because the code may incorrectly write to memory pointed to by an uninitialized current vmcs value, particularly during preemption scenarios. The root cause is the insufficient check for current vmcs being null. The issue is triggered by calls to vmx disable intercept for msr and vmx vcpu create. The crash manifests as a kernel NULL pointer dereference.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.