ghsa-jg4p-q5hx-rqgr
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF
The call to get_user_pages_fast() in vmci_host_setup_notify() can return NULL context->notify_page causing a GPF. To avoid GPF check if context->notify_page == NULL and return error if so.
general protection fault, probably for non-canonical address 0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: maybe wild-memory-access in range [0x0005088000000300- 0x0005088000000307] CPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1 Hardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014 RIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0 Call Trace: vmci_host_unlocked_ioctl+0x362/0x1f40 __x64_sys_ioctl+0x1a1/0x230 do_syscall_64+0x3a/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd
{
"affected": [],
"aliases": [
"CVE-2023-53259"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T15:15:53Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: check context-\u003enotify_page after call to get_user_pages_fast() to avoid GPF\n\nThe call to get_user_pages_fast() in vmci_host_setup_notify() can return\nNULL context-\u003enotify_page causing a GPF. To avoid GPF check if\ncontext-\u003enotify_page == NULL and return error if so.\n\ngeneral protection fault, probably for non-canonical address\n 0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: maybe wild-memory-access in range [0x0005088000000300-\n 0x0005088000000307]\nCPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014\nRIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0\nCall Trace:\n \u003cTASK\u003e\n vmci_host_unlocked_ioctl+0x362/0x1f40\n __x64_sys_ioctl+0x1a1/0x230\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"id": "GHSA-jg4p-q5hx-rqgr",
"modified": "2025-11-03T18:31:40Z",
"published": "2025-09-15T15:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53259"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.