Linux Distros Unpatched Vulnerability : CVE-2023-52659

medium Nessus Plugin ID 226949

Synopsis

The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be patched.

Description

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

- In the Linux kernel, the following vulnerability has been resolved: x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type On 64-bit platforms, the pfn_to_kaddr() macro requires that the input value is 64 bits in order to ensure that valid address bits don't get lost when shifting that input by PAGE_SHIFT to calculate the physical address to provide a virtual address for. One such example is in pvalidate_pages() (used by SEV-SNP guests), where the GFN in the struct used for page-state change requests is a 40-bit bit-field, so attempts to pass this GFN field directly into pfn_to_kaddr() ends up causing guest crashes when dealing with addresses above the 1TB range due to the above. Fix this issue with SEV-SNP guests, as well as any similar cases that might cause issues in current/future code, by using an inline function, instead of a macro, so that the input is implicitly cast to the expected 64-bit input type prior to performing the shift operation. While it might be argued that the issue is on the caller side, other archs/macros have taken similar approaches to deal with instances like this, such as ARM explicitly casting the input to phys_addr_t: e48866647b48 (ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()) A C inline function is even better though. [ mingo: Refined the changelog some more & added __always_inline. ] (CVE-2023-52659)

Note that Nessus relies on the presence of the package as reported by the vendor.

Solution

There is no known solution at this time.

Plugin Details

Severity: Medium

ID: 226949

File Name: unpatched_CVE_2023_52659.nasl

Version: 1.1

Type: local

Agent: unix

Family: Misc.

Published: 3/5/2025

Updated: 3/5/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2023-52659

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Required KB Items: Host/cpu, Host/local_checks_enabled, global_settings/vendor_unpatched

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 5/17/2024

Reference Information

CVE: CVE-2023-52659

Detections

Analytics