Uninitialized Variable Vulnerability in Linux Kernel's KVM Hypervisor
CVE-2023-53756

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
8 December 2025

What is CVE-2023-53756?

A vulnerability exists in the Linux kernel's KVM module where an uninitialized variable leads to a NULL pointer dereference. When enabling 'Enlightened VMCS' and 'Enlightened MSR Bitmap', an uninitialized per-CPU variable 'current_vmcs' can erroneously cause crashes by allowing incorrect access to its structure. Specifically, this flaw arises during the manipulation of MSR bitmaps in nested hypervisors. This situation can give rise to instability and unexpected behavior in virtual machines running on systems using KVM.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ceef7d10dfb6284d512c499292e6daa35ea83f90 < 6baebcecf09acd19e2bab1c2911dcdba5d48a1dc

Linux ceef7d10dfb6284d512c499292e6daa35ea83f90 < 6e7bc50f97c9855da83f1478f722590defd45ff2

Linux ceef7d10dfb6284d512c499292e6daa35ea83f90

References

https://git.kernel.org/stable/c/6baebcecf09acd19e2bab1c29...
https://git.kernel.org/stable/c/6e7bc50f97c9855da83f1478f...
https://git.kernel.org/stable/c/b2de2b4d4e007f9add46ea8dc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.