{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52994", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-03-27T16:40:15.742Z", "datePublished": "2025-03-27T16:43:28.893Z", "dateUpdated": "2025-03-27T16:43:28.893Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-27T16:43:28.893Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: Fix suspend with Xen PV\n\nCommit f1e525009493 (\"x86/boot: Skip realmode init code when running as\nXen PV guest\") missed one code path accessing real_mode_header, leading\nto dereferencing NULL when suspending the system under Xen:\n\n [ 348.284004] PM: suspend entry (deep)\n [ 348.289532] Filesystems sync: 0.005 seconds\n [ 348.291545] Freezing user space processes ... (elapsed 0.000 seconds) done.\n [ 348.292457] OOM killer disabled.\n [ 348.292462] Freezing remaining freezable tasks ... (elapsed 0.104 seconds) done.\n [ 348.396612] printk: Suspending console(s) (use no_console_suspend to debug)\n [ 348.749228] PM: suspend devices took 0.352 seconds\n [ 348.769713] ACPI: EC: interrupt blocked\n [ 348.816077] BUG: kernel NULL pointer dereference, address: 000000000000001c\n [ 348.816080] #PF: supervisor read access in kernel mode\n [ 348.816081] #PF: error_code(0x0000) - not-present page\n [ 348.816083] PGD 0 P4D 0\n [ 348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI\n [ 348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep Not tainted 6.1.3-1.fc32.qubes.x86_64 #1\n [ 348.816092] Hardware name: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022\n [ 348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20\n\nFix that by adding an optional acpi callback allowing to skip setting\nthe wakeup address, as in the Xen PV case this will be handled by the\nhypervisor anyway."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/include/asm/acpi.h", "drivers/acpi/sleep.c"], "versions": [{"version": "b1898793777fe10a31c160bb8bc385d6eea640c6", "lessThan": "b96903b7fc8c82ddfd92df4cdd83db3e567da0a5", "status": "affected", "versionType": "git"}, {"version": "f1e525009493cbd569e7c8dd7d58157855f8658d", "lessThan": "fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/include/asm/acpi.h", "drivers/acpi/sleep.c"], "versions": [{"version": "6.1.2", "lessThan": "6.1.9", "status": "affected", "versionType": "semver"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b96903b7fc8c82ddfd92df4cdd83db3e567da0a5"}, {"url": "https://git.kernel.org/stable/c/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41"}], "title": "acpi: Fix suspend with Xen PV", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C7522E3-150F-436D-BBD7-96C7B4B795ED", "versionEndExcluding": "6.1", "versionStartIncluding": "6.0.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A2050E8-7CF5-47E1-B586-43FEE434D6EE", "versionEndExcluding": "6.1.9", "versionStartIncluding": "6.1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: Fix suspend with Xen PV\n\nCommit f1e525009493 (\"x86/boot: Skip realmode init code when running as\nXen PV guest\") missed one code path accessing real_mode_header, leading\nto dereferencing NULL when suspending the system under Xen:\n\n [ 348.284004] PM: suspend entry (deep)\n [ 348.289532] Filesystems sync: 0.005 seconds\n [ 348.291545] Freezing user space processes ... (elapsed 0.000 seconds) done.\n [ 348.292457] OOM killer disabled.\n [ 348.292462] Freezing remaining freezable tasks ... (elapsed 0.104 seconds) done.\n [ 348.396612] printk: Suspending console(s) (use no_console_suspend to debug)\n [ 348.749228] PM: suspend devices took 0.352 seconds\n [ 348.769713] ACPI: EC: interrupt blocked\n [ 348.816077] BUG: kernel NULL pointer dereference, address: 000000000000001c\n [ 348.816080] #PF: supervisor read access in kernel mode\n [ 348.816081] #PF: error_code(0x0000) - not-present page\n [ 348.816083] PGD 0 P4D 0\n [ 348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI\n [ 348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep Not tainted 6.1.3-1.fc32.qubes.x86_64 #1\n [ 348.816092] Hardware name: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022\n [ 348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20\n\nFix that by adding an optional acpi callback allowing to skip setting\nthe wakeup address, as in the Xen PV case this will be handled by the\nhypervisor anyway."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: acpi: Fix suspend with Xen PV Commit f1e525009493 (\"x86/boot: Skip realmode init code when running as Xen PV guest\") omiti\u00f3 una ruta de c\u00f3digo que acced\u00eda a real_mode_header, lo que provoc\u00f3 la desreferenciaci\u00f3n de NULL al suspender el sistema bajo Xen: [348.284004] PM: entrada de suspensi\u00f3n (profunda) [348.289532] Sincronizaci\u00f3n de sistemas de archivos: 0,005 segundos [348.291545] Congelaci\u00f3n de procesos de espacio de usuario... (transcurridos 0,000 segundos) hecho. [348.292457] OOM killer deshabilitado. [348.292462] Congelaci\u00f3n de tareas congelables restantes... (transcurridos 0,104 segundos) hecho. [ 348.396612] printk: Suspendiendo consola(s) (use no_console_suspend para depurar) [ 348.749228] PM: suspender dispositivos tom\u00f3 0.352 segundos [ 348.769713] ACPI: EC: interrupci\u00f3n bloqueada [ 348.816077] ERROR: desreferencia de puntero NULL del kernel, direcci\u00f3n: 000000000000001c [ 348.816080] #PF: acceso de lectura del supervisor en modo kernel [ 348.816081] #PF: error_code(0x0000) - p\u00e1gina no presente [ 348.816083] PGD 0 P4D 0 [ 348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep No contaminado 6.1.3-1.fc32.qubes.x86_64 #1 [ 348.816092] Nombre del hardware: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022 [ 348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20 Corrija esto agregando una devoluci\u00f3n de llamada acpi opcional que permita omitir la configuraci\u00f3n de la direcci\u00f3n de activaci\u00f3n, ya que en el caso de Xen PV esto lo manejar\u00e1 el hipervisor de todos modos."}], "id": "CVE-2023-52994", "lastModified": "2025-04-15T14:32:39.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-03-27T17:15:47.053", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b96903b7fc8c82ddfd92df4cdd83db3e567da0a5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: acpi: Fix suspend with Xen PV", "id": "2355509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355509"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nacpi: Fix suspend with Xen PV\nCommit f1e525009493 (\"x86/boot: Skip realmode init code when running as\nXen PV guest\") missed one code path accessing real_mode_header, leading\nto dereferencing NULL when suspending the system under Xen:\n[ 348.284004] PM: suspend entry (deep)\n[ 348.289532] Filesystems sync: 0.005 seconds\n[ 348.291545] Freezing user space processes ... (elapsed 0.000 seconds) done.\n[ 348.292457] OOM killer disabled.\n[ 348.292462] Freezing remaining freezable tasks ... (elapsed 0.104 seconds) done.\n[ 348.396612] printk: Suspending console(s) (use no_console_suspend to debug)\n[ 348.749228] PM: suspend devices took 0.352 seconds\n[ 348.769713] ACPI: EC: interrupt blocked\n[ 348.816077] BUG: kernel NULL pointer dereference, address: 000000000000001c\n[ 348.816080] #PF: supervisor read access in kernel mode\n[ 348.816081] #PF: error_code(0x0000) - not-present page\n[ 348.816083] PGD 0 P4D 0\n[ 348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep Not tainted 6.1.3-1.fc32.qubes.x86_64 #1\n[ 348.816092] Hardware name: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022\n[ 348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20\nFix that by adding an optional acpi callback allowing to skip setting\nthe wakeup address, as in the Xen PV case this will be handled by the\nhypervisor anyway."], "name": "CVE-2023-52994", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-03-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52994\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52994\nhttps://lore.kernel.org/linux-cve-announce/2025032710-CVE-2023-52994-5336@gregkh/T"], "threat_severity": "Low"}