CVE-2023-54172

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions linux (affected versions not specified)

Description A flaw exists in the Linux kernel related to Indirect Branch Tracking (IBT) on x86/Hyperv systems. Specifically, when running on hardware supporting IBT within Hyper-V VMs with ConfigVersion 9.3 or later, the absence of an ENDBR64 instruction at the beginning of the hypercall page causes hypercall attempts to fail, resulting in a Linux panic. The issue arises because hypercalls are made via an indirect call to the hypercall page. A mitigation involves disabling IBT by clearing the X86 FEATURE IBT flag if the hypercall page does not begin with an ENDBR instruction, allowing the VM to boot and operate without IBT.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54172

RHSA-2024:9315

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Debian

Linux

CVE-2023-54172

Related Identifiers

Affected Products

References · 1459