CVE-2023-54007

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a race condition within the vmci host poll() function that can lead to a general protection fault (GPF). This issue occurs due to non-atomic reads of vmci host dev->context and vmci host dev->ct type, potentially allowing vmci host poll() to read an uninitialized context. The vulnerability was discovered during fuzzing and can be triggered by specific thread interleavings where vmci host dev->context is initialized on one CPU while being read on another. The function poll wait() is involved in the dereferencing of the potentially incorrect pointer.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.