ghsa-jcv3-h4xr-539v
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2
Commit 8c5fa3b5c4df ("powerpc/64: Make ELFv2 the default for big-endian builds"), merged in Linux-6.5-rc1 changes the calling ABI in a way that is incompatible with the current code for the PS3's LV1 hypervisor calls.
This change just adds the line '# CONFIG_PPC64_BIG_ENDIAN_ELF_ABI_V2 is not set' to the ps3_defconfig file so that the PPC64_ELF_ABI_V1 is used.
Fixes run time errors like these:
BUG: Kernel NULL pointer dereference at 0x00000000 Faulting instruction address: 0xc000000000047cf0 Oops: Kernel access of bad area, sig: 11 [#1] Call Trace: [c0000000023039e0] [c00000000100ebfc] ps3_create_spu+0xc4/0x2b0 (unreliable) [c000000002303ab0] [c00000000100d4c4] create_spu+0xcc/0x3c4 [c000000002303b40] [c00000000100eae4] ps3_enumerate_spus+0xa4/0xf8
{
"affected": [],
"aliases": [
"CVE-2023-52665"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T14:15:09Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2\n\nCommit 8c5fa3b5c4df (\"powerpc/64: Make ELFv2 the default for big-endian\nbuilds\"), merged in Linux-6.5-rc1 changes the calling ABI in a way\nthat is incompatible with the current code for the PS3\u0027s LV1 hypervisor\ncalls.\n\nThis change just adds the line \u0027# CONFIG_PPC64_BIG_ENDIAN_ELF_ABI_V2 is not set\u0027\nto the ps3_defconfig file so that the PPC64_ELF_ABI_V1 is used.\n\nFixes run time errors like these:\n\n BUG: Kernel NULL pointer dereference at 0x00000000\n Faulting instruction address: 0xc000000000047cf0\n Oops: Kernel access of bad area, sig: 11 [#1]\n Call Trace:\n [c0000000023039e0] [c00000000100ebfc] ps3_create_spu+0xc4/0x2b0 (unreliable)\n [c000000002303ab0] [c00000000100d4c4] create_spu+0xcc/0x3c4\n [c000000002303b40] [c00000000100eae4] ps3_enumerate_spus+0xa4/0xf8",
"id": "GHSA-jcv3-h4xr-539v",
"modified": "2024-05-17T15:31:08Z",
"published": "2024-05-17T15:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52665"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/482b718a84f08b6fc84879c3e90cc57dba11c115"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d0f0780f03df54d08ced118d27834ee5008724e4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f70557d48215b14a9284ac3a6ae7e4ee1d039f10"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.