{ "affected": [ { "ranges": [ { "events": [ { "introduced": "6657fca06e3ffab8d0b3f9d8b397f5ee498952d7" }, { "fixed": "3719d3c36aa853d5a2401af9f8d6b116c91ad5ae" }, { "fixed": "3770c38cd6a60494da29ac2da73ff8156440a2d1" }, { "fixed": "6788b10620ca6e98575d1e06e72a8974aad7657e" }, { "fixed": "ecba5afe86f30605eb9dfb7f265a8de0218d4cfc" }, { "fixed": "5b784489c8158518bf7a466bb3cc045b0fb66b4b" }, { "fixed": "cd287cc208dfe6bd6da98e7f88e723209242c9b4" }, { "fixed": "d35652a5fc9944784f6f50a5c979518ff8dacf61" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] }, { "ranges": [ { "events": [ { "introduced": "29dcea88779c856c7dc92040a0c01233263101d4" }, { "fixed": "4a82dfcb8b4d07331d1db05a36f7d87013787e9e" }, { "introduced": "8fe28cb58bcb235034b64cbbb7550a8a43fd88be" }, { "fixed": "e133c1ee6d7271007fdba3dbe78818afd88943f9" }, { "introduced": "c9c3395d5e3dcc6daee66c6908354d47bf98cb0c" }, { "fixed": "8bbe7c640d76724e9cfd8aa130b8d36ad6db77a9" }, { "introduced": "d5226fa6dbae0569ee43ecfc08bdcd6770fc4755" }, { "fixed": "cb49f0e441ce7db63ef67ccfa9d9562c22f5d6c3" }, { "introduced": "df0cc57e057f18e44dac8e6c18aba47ab53202f9" }, { "fixed": "7d24402875c75ca6e43aa27ae3ce2042bde259a4" }, { "introduced": "f40ddce88593482919761f74910f42f4b84c004b" }, { "fixed": "00c03985402ee5e9dffa643f45b9291274bf4070" } ], "repo": "https://github.com/gregkh/linux", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52504.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/alternatives: Disable KASAN in apply_alternatives()\n\nFei has reported that KASAN triggers during apply_alternatives() on\na 5-level paging machine:\n\n\tBUG: KASAN: out-of-bounds in rcu_is_watching()\n\tRead of size 4 at addr ff110003ee6419a0 by task swapper/0/0\n\t...\n\t__asan_load4()\n\trcu_is_watching()\n\ttrace_hardirqs_on()\n\ttext_poke_early()\n\tapply_alternatives()\n\t...\n\nOn machines with 5-level paging, cpu_feature_enabled(X86_FEATURE_LA57)\ngets patched. It includes KASAN code, where KASAN_SHADOW_START depends on\n__VIRTUAL_MASK_SHIFT, which is defined with cpu_feature_enabled().\n\nKASAN gets confused when apply_alternatives() patches the\nKASAN_SHADOW_START users. A test patch that makes KASAN_SHADOW_START\nstatic, by replacing __VIRTUAL_MASK_SHIFT with 56, works around the issue.\n\nFix it for real by disabling KASAN while the kernel is patching alternatives.\n\n[ mingo: updated the changelog ]", "id": "CVE-2023-52504", "modified": "2026-02-24T07:35:18.881336226Z", "published": "2024-03-02T21:52:18.500Z", "references": [ { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/3719d3c36aa853d5a2401af9f8d6b116c91ad5ae" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/3770c38cd6a60494da29ac2da73ff8156440a2d1" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/5b784489c8158518bf7a466bb3cc045b0fb66b4b" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/6788b10620ca6e98575d1e06e72a8974aad7657e" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/cd287cc208dfe6bd6da98e7f88e723209242c9b4" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/d35652a5fc9944784f6f50a5c979518ff8dacf61" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/ecba5afe86f30605eb9dfb7f265a8de0218d4cfc" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52504.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52504" } ], "schema_version": "1.7.3", "summary": "x86/alternatives: Disable KASAN in apply_alternatives()" }