Fluid Attacks Database

Description

A flaw was found in the Linux kernel's KVM SVM implementation for AMD SEV-ES. During intrahost VM migration, KVM incorrectly retrieves source vCPUs from the destination VM instead of the source VM. This causes the VMSA (Virtual Machine Save Area) pointer to remain NULL, leading to a host kernel crash when the VM is destroyed or during subsequent vCPU operations.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	linux	>=0 <6.5.6-1	6.5.6-1
debian 14	linux	>=0 <6.5.6-1	6.5.6-1
debian 12	linux	=6.1.27-1 \|\| =6.1.37-1 \|\| =6.1.38-1 \|\| =6.1.38-2 \|\| =6.1.38-2~bpo11+1 \|\| =6.1.38-3 \|\| =6.1.38-4 \|\| =6.1.38-4~bpo11+1 \|\| =6.1.52-1 \|\| =6.1.55-1~bpo11+1 \|\| >=0 <6.1.55-1	6.1.55-1
rpm rhel9	kernel-rt	-	-
rpm rhel8	kernel	<0:4.18.0-553.34.1.el8_10	0:4.18.0-553.34.1.el8_10
rpm rhel9	kernel	<0:5.14.0-427.13.1.el9_4	0:5.14.0-427.13.1.el9_4
rpm rhel8	kernel-rt	-	-

Aliases

1. CVE-2023-542962. NVD-2023-542963. OSV-DEBIAN-2023-542964. OSV-2023-542965. SECURITY-TRACKER-CVE-2023-54296

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.