Linux Kernel Vulnerability in VMCI Leading to General Protection Fault
CVE-2023-53259

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 September 2025

What is CVE-2023-53259?

A vulnerability in the Linux kernel's VMCI (Virtual Machine Communication Interface) can lead to a general protection fault (GPF) when the function get_user_pages_fast() is called. This issue arises from the potential for context->notify_page to return NULL, which fails to adequately handle errors, possibly leading to wild memory access. Proper validation checks are needed to determine if context->notify_page is NULL, allowing for safe error handling instead of causing system instability.

Affected Version(s)

Linux a1d88436d53a75e950db15834b3d2f8c0c358fdc

References

https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a...

https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d...

https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 15, 2025