CVE-2023-53474
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bank_map Thee maximum number of MCA banks is 64 (MAX_NR_BANKS), see a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64"). However, the bank_map which contains a bitfield of which banks to initialize is of type unsigned int and that overflows when those bit numbers are >= 32, leading to UBSAN complaining correctly: UBSAN: shift-out-of-bounds in arch/x86/kernel/cpu/mce/amd.c:1365:38 shift exponent 32 is too large for 32-bit type 'int' Change the bank_map to a u64 and use the proper BIT_ULL() macro when modifying bits in there. [ bp: Rewrite commit message. ]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53474
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel involves the handling of Machine Check Architecture (MCA) banks on x86 AMD systems. The maximum number of MCA banks is 64, but the bank_map variable, which tracks which banks to initialize, was defined as an unsigned int (32-bit). When the number of banks exceeds 32, this causes an overflow and leads to undefined behavior detected by UBSAN (Undefined Behavior Sanitizer). The fix was to change bank_map to a 64-bit unsigned integer (u64) and use the correct macro to handle bit operations, preventing overflow and ensuring proper handling of all 64 banks.

Impact Analysis

This vulnerability can cause incorrect handling of MCA banks on affected AMD x86 systems, potentially leading to kernel errors or instability due to overflow in the bank_map bitfield. This may result in system crashes or unpredictable behavior when the number of MCA banks exceeds 32, affecting system reliability and stability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53474. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart