CVE-2023-53256
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and UUID. The number of distinct UUID in a system will be less than or equal to the number of logical partitions. However, currently it fails to register more than one logical partition or service within a physical partition as the device name contains only VM ID while both VM ID and UUID are maintained in the partition information. The kernel complains with the below message: | sysfs: cannot create duplicate filename '/devices/arm-ffa-8001' | CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.3.0-rc7 #8 | Hardware name: FVP Base RevC (DT) | Call trace: | dump_backtrace+0xf8/0x118 | show_stack+0x18/0x24 | dump_stack_lvl+0x50/0x68 | dump_stack+0x18/0x24 | sysfs_create_dir_ns+0xe0/0x13c | kobject_add_internal+0x220/0x3d4 | kobject_add+0x94/0x100 | device_add+0x144/0x5d8 | device_register+0x20/0x30 | ffa_device_register+0x88/0xd8 | ffa_setup_partitions+0x108/0x1b8 | ffa_init+0x2ec/0x3a4 | do_one_initcall+0xcc/0x240 | do_initcall_level+0x8c/0xac | do_initcalls+0x54/0x94 | do_basic_setup+0x1c/0x28 | kernel_init_freeable+0x100/0x16c | kernel_init+0x20/0x1a0 | ret_from_fork+0x10/0x20 | kobject_add_internal failed for arm-ffa-8001 with -EEXIST, don't try to | register things with the same name in the same directory. | arm_ffa arm-ffa: unable to register device arm-ffa-8001 err=-17 | ARM FF-A: ffa_setup_partitions: failed to register partition ID 0x8001 By virtue of being random enough to avoid collisions when generated in a distributed system, there is no way to compress UUID keys to the number of bits required to identify each. We can eliminate '-' in the name but it is not worth eliminating 4 bytes and add unnecessary logic for doing that. Also v1.0 doesn't provide the UUID of the partitions which makes it hard to use the same for the device name. So to keep it simple, let us alloc an ID using ida_alloc() and append the same to "arm-ffa" to make up a unique device name. Also stash the id value in ffa_dev to help freeing the ID later when the device is destroyed.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-15
Last Modified
2025-12-03
Generated
2026-05-07
AI Q&A
2025-09-15
EPSS Evaluated
2026-05-05
NVD
CVE-2023-53256
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.14 (inc) to 5.15.114 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.31 (exc)
linux linux_kernel From 6.2 (inc) to 6.3.5 (exc)
linux linux_kernel 6.4
linux linux_kernel 6.4
linux linux_kernel 6.4
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel's arm_ffa firmware relates to how logical partitions are registered as devices. Each physical partition can provide multiple services identified by UUIDs, and these services should be represented as logical partitions with unique device names combining VM ID and UUID. However, the kernel only used VM ID in the device name, causing conflicts when multiple logical partitions or services exist within the same physical partition. This results in errors when trying to register devices with duplicate names, leading to failure in device registration.


How can this vulnerability impact me? :

The impact of this vulnerability is that the Linux kernel fails to register multiple logical partitions or services within a physical partition due to duplicate device names. This can cause system errors during initialization or operation, potentially leading to malfunction or inability to use certain hardware features related to arm_ffa partitions. It may affect system stability or functionality where multiple logical partitions are expected.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking the kernel logs for error messages related to duplicate device names for arm-ffa devices. Specifically, look for messages like 'sysfs: cannot create duplicate filename' and 'arm_ffa arm-ffa: unable to register device arm-ffa-8001 err=-17'. You can use the command 'dmesg | grep arm-ffa' or 'journalctl -k | grep arm-ffa' to find such messages in the system logs.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where this issue is fixed, as the vulnerability is resolved by changing the device naming scheme to ensure unique device names for logical partitions. Until the update is applied, monitoring for the error messages and avoiding configurations that create multiple logical partitions with conflicting device names may help reduce impact.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart