CVE-2023-53694
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a jump that jumps to an address over 4K. This may cause errors if we want to enable kernel preemption and remove dependency from patching code with stop_machine(). For example, if a task was switched out on auipc. And, if we changed the ftrace function before it was switched back, then it would jump to an address that has updated 11:0 bits mixing with previous XLEN:12 part. p: patched area performed by dynamic ftrace ftrace_prologue: p| REG_S ra, -SZREG(sp) p| auipc ra, 0x? ------------> preempted ... change ftrace function ... p| jalr -?(ra) <------------- switched back p| REG_L ra, -SZREG(sp) func: xxx ret
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53694
EUVD
EUVD-2023-60034
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's RISCV architecture involves the ftrace function and how it handles kernel preemption. Specifically, the use of an AUIPC + JALR instruction pair to encode a jump over 4K can cause errors if kernel preemption is enabled. If a task is switched out during the AUIPC instruction and the ftrace function is changed before the task switches back, the jump address may become corrupted by mixing bits from the updated function and previous state, potentially causing a kernel panic. The fix involves disabling preemption to avoid this issue.

Impact Analysis

This vulnerability can cause a kernel panic in systems running the RISCV Linux kernel with ftrace and kernel preemption enabled. A kernel panic leads to a system crash, causing downtime and potential data loss or service interruption.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53694. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart