CVE-2023-53184

Severity: High (CVSS 3.1 base score 7.8)
EPSS: 4.7%
Published: Sep 15, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

arm64/sme: Set new vector length before reallocating

As part of fixing the allocation of the buffer for SVE state when changing SME vector length we introduced an immediate reallocation of the SVE state, this is also done when changing the SVE vector length for consistency. Unfortunately this reallocation is done prior to writing the new vector length to the task struct, meaning the allocation is done with the old vector length and can lead to memory corruption due to an undersized buffer being used.

Move the update of the vector length before the allocation to ensure that the new vector length is taken into account.

For some reason this isn't triggering any problems when running tests on the arm64 fixes branch (even after repeated tries) but is triggering issues very often after merge into mainline.
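The ordering problem described above, as an added user-space model that is not the kernel's code: `model_task`, `state_size`, `realloc_state` and the two setter functions are hypothetical names, and the size formula is a simplified assumption. It shows how sizing the buffer from the recorded vector length leaves it too small when the allocation runs before the update.

```c
#include <stddef.h>
#include <stdlib.h>
/* Hypothetical stand-in for a task's vector state; not the kernel's struct. */
struct model_task {
    unsigned int vl;   /* recorded vector length, in bytes */
    void *state;       /* register save buffer */
    size_t cap;        /* bytes actually allocated */
};

/* Simplified size model: 32 Z regs of vl bytes, 16 P regs + FFR of vl/8 bytes. */
static size_t state_size(unsigned int vl) { return 32u * vl + 17u * (vl / 8u); }

/* Reallocate the buffer, sized from whatever VL the task records right now. */
static int realloc_state(struct model_task *t)
{
    size_t n = state_size(t->vl);
    void *p = calloc(1, n);
    if (!p) return -1;
    free(t->state);
    t->state = p;
    t->cap = n;
    return 0;
}

/* Ordering the description calls the bug: allocate, then record the new VL. */
static int set_vl_alloc_first(struct model_task *t, unsigned int new_vl)
{
    int ret = realloc_state(t);   /* still sees the old VL */
    t->vl = new_vl;
    return ret;
}

/* Ordering the description calls the fix: record the new VL, then allocate. */
static int set_vl_update_first(struct model_task *t, unsigned int new_vl)
{
    t->vl = new_vl;
    return realloc_state(t);
}

/* Bytes by which a full register save at the recorded VL would overrun. */
size_t overrun_after_change(int fixed, unsigned int old_vl, unsigned int new_vl)
{
    struct model_task t = { old_vl, NULL, 0 };
    if (fixed ? set_vl_update_first(&t, new_vl) : set_vl_alloc_first(&t, new_vl))
        return (size_t)-1;
    size_t need = state_size(t.vl);
    size_t over = need > t.cap ? need - t.cap : 0;
    free(t.state);
    return over;
}
```

In this model the shortfall only appears when the vector length grows; shrinking it with the old ordering merely over-allocates.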

CVSS Details

Base Score 7.8
Exploitability 1.8
Impact 5.9
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   6.1.42    any
linux    linux_kernel   6.4.7     any
linux    linux_kernel   6.5       any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/05d881b85b48c7ac6a7c92ce00aa916c4a84d052
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/356e711640aea6ed145da9407499388b45264cb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/807ada0e4aa3c9090c66009a99fa530c462012c9
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/05d881b85b48c7ac6a7c92ce00aa916c4a84d052
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/356e711640aea6ed145da9407499388b45264cb4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/807ada0e4aa3c9090c66009a99fa530c462012c9
    Patch