Linux Kernel Vulnerability Affecting ARM64 Configuration by Vendor
CVE-2023-53319
Currently unrated
What is CVE-2023-53319?
A vulnerability in the Linux kernel's KVM module arises from a lack of synchronization between the finalize_pkvm() and kvm_arm_init() initialization calls. If kvm_arm_init() fails, the system still goes on to execute finalize_pkvm(), which produces a series of warnings on all CPUs and can end in a kernel panic. The issue shows why a finalization step must check that the initialization it depends on actually succeeded, to preserve system stability and security.
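The failure mode described above, as an added user-space model in C (not kernel code and not the upstream patch): two init stages run back to back, and the second runs whether or not the first succeeded. Only the names finalize_pkvm() and kvm_arm_init() come from the advisory; `boot`, `kvm_initialised`, `hyp_ready`, `check_init` and the CPU count are hypothetical names and values chosen for the model.

```c
#include <stdbool.h>
#include <stdio.h>

#define NR_CPUS 4                /* constructed CPU count for the model */

static bool kvm_initialised;     /* hypothetical flag: set only on successful init */
static bool hyp_ready[NR_CPUS];  /* hypothetical per-CPU state the late stage relies on */

/* Early stage: on failure it leaves every CPU unprepared. */
static int kvm_arm_init(bool fail)
{
    kvm_initialised = false;
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        hyp_ready[cpu] = false;
    if (fail)
        return -1;
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        hyp_ready[cpu] = true;
    kvm_initialised = true;
    return 0;
}

/* Late stage: returns how many CPUs hit the "state not set up" warning. */
static int finalize_pkvm(bool check_init)
{
    int warnings = 0;

    /* Hardened form: bail out when the early stage never completed. */
    if (check_init && !kvm_initialised)
        return 0;
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        if (!hyp_ready[cpu])
            warnings++;          /* stands in for one warning per CPU */
    return warnings;
}

/* Model assumption: the early stage's return value does not stop the late stage. */
static int boot(bool init_fails, bool check_init)
{
    (void)kvm_arm_init(init_fails);
    return finalize_pkvm(check_init);
}

int main(void)
{
    printf("init fails, no check:   %d warnings\n", boot(true, false));
    printf("init fails, with check: %d warnings\n", boot(true, true));
    printf("init ok, with check:    %d warnings\n", boot(false, true));
    return 0;
}
```
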
Affected Version(s)
Linux 87727ba2bb05cc3cb4233231faa7ab4c7eeb6c73 < 91450dec0445f4d12f960ba68d8d05c3cb2ab5b8
Linux 87727ba2bb05cc3cb4233231faa7ab4c7eeb6c73
Linux 6.4