CVE-2023-53474
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-02
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the handling of Machine Check Architecture (MCA) banks on x86 AMD systems. The maximum number of MCA banks is 64, but the bank_map variable, which tracks which banks to initialize, was defined as an unsigned int (32-bit). When the number of banks exceeds 32, this causes an overflow and leads to undefined behavior detected by UBSAN (Undefined Behavior Sanitizer). The fix was to change bank_map to a 64-bit unsigned integer (u64) and use the correct macro to handle bit operations, preventing overflow and ensuring proper handling of all 64 banks.
How can this vulnerability impact me?
This vulnerability can cause incorrect handling of MCA banks on affected AMD x86 systems, potentially leading to kernel errors or instability due to overflow in the bank_map bitfield. This may result in system crashes or unpredictable behavior when the number of MCA banks exceeds 32, affecting system reliability and stability.
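The width problem described in the two answers above, as an added C example that is not the kernel's code: a 32-bit map can record only banks 0 to 31, while a 64-bit map built with a 64-bit constant covers all 64. The function names are hypothetical, and `BIT_ULL` is defined locally here, modelled on the kernel macro of that name (the page does not say which macro the fix uses).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_NR_BANKS 64              /* maximum number of MCA banks per the page */
#define BIT_ULL(n)   (1ULL << (n))   /* local definition, assumed equivalent to the kernel's */

/* "Before" model: 32-bit map. Shifting a 32-bit 1 by bank >= 32 is undefined
 * behaviour in C (what UBSAN reports), so this model refuses instead of shifting. */
static bool narrow_map_set(uint32_t *map, unsigned int bank)
{
    if (bank >= 32)
        return false;                /* bank cannot be represented in 32 bits */
    *map |= 1U << bank;
    return true;
}

/* "After" model: 64-bit map and 64-bit constant, valid for banks 0..63. */
static bool wide_map_set(uint64_t *map, unsigned int bank)
{
    if (bank >= MAX_NR_BANKS)
        return false;
    *map |= BIT_ULL(bank);
    return true;
}

static bool wide_map_test(uint64_t map, unsigned int bank)
{
    return bank < MAX_NR_BANKS && (map & BIT_ULL(bank)) != 0;
}

/* Count how many of the first nr_banks banks the chosen map width can record. */
static unsigned int tracked(unsigned int nr_banks, bool wide)
{
    uint32_t narrow = 0;
    uint64_t map = 0;
    unsigned int n = 0;
    for (unsigned int b = 0; b < nr_banks; b++)
        n += wide ? wide_map_set(&map, b) : narrow_map_set(&narrow, b);
    return n;
}

int main(void)
{
    uint64_t map = 0;
    wide_map_set(&map, 40);          /* constructed sample: a bank above 31 */
    printf("bank 40 recorded: %d\n", wide_map_test(map, 40));
    printf("narrow: %u of 64, wide: %u of 64\n", tracked(64, false), tracked(64, true));
    return 0;
}
```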