CVE-2023-54167
Incorrect phys_to_virt() Handling Causes Kernel Oops on m68k Linux
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel on m68k platforms where physical memory does not start at address zero, such as Amiga systems. The issue arises because the function phys_to_virt() is called before paging_init(), which it depends on due to reliance on m68k_memoffset and module_fixup(). This premature call can cause the kernel to access invalid virtual addresses during boot with an initial ramdisk, leading to kernel crashes or 'Oops' errors. The fix was to postpone the phys_to_virt() handling for the initial ramdisk until after paging_init() is called.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash or encounter fatal errors during the boot process on affected m68k platforms using an initial ramdisk, potentially rendering the system unbootable or unstable until the issue is resolved.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version where the phys_to_virt handling for the initial ramdisk on m68k platforms is postponed until after paging_init() is called. This fixes the issue where phys_to_virt() is called too early, causing kernel access errors during boot with an initial ramdisk on platforms where physical memory does not start at address zero.