{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-53789", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T23:58:35.273Z", "datePublished": "2025-12-09T00:00:45.461Z", "dateUpdated": "2025-12-09T00:00:45.461Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-09T00:00:45.461Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Improve page fault error reporting\n\nIf IOMMU domain for device group is not setup properly then we may hit\nIOMMU page fault. Current page fault handler assumes that domain is\nalways setup and it will hit NULL pointer derefence (see below sample log).\n\nLets check whether domain is setup or not and log appropriate message.\n\nSample log:\n----------\n amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6\n BUG: kernel NULL pointer dereference, address: 0000000000000058\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89\n Hardware name: xxx\n RIP: 0010:report_iommu_fault+0x11/0x90\n [...]\n Call Trace:\n <TASK>\n amd_iommu_int_thread+0x60c/0x760\n ? __pfx_irq_thread_fn+0x10/0x10\n irq_thread_fn+0x1f/0x60\n irq_thread+0xea/0x1a0\n ? preempt_count_add+0x6a/0xa0\n ? __pfx_irq_thread_dtor+0x10/0x10\n ? __pfx_irq_thread+0x10/0x10\n kthread+0xe9/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n </TASK>\n\n[joro: Edit commit message]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/amd/iommu.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "446080b353f048b1fddaec1434cb3d27b5de7efe", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "996d120b4de2b0d6b592bd9fbbe6e244b81ab3cc", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/amd/iommu.c"], "versions": [{"version": "6.1.16", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.3", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.2.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a"}, {"url": "https://git.kernel.org/stable/c/446080b353f048b1fddaec1434cb3d27b5de7efe"}, {"url": "https://git.kernel.org/stable/c/996d120b4de2b0d6b592bd9fbbe6e244b81ab3cc"}], "title": "iommu/amd: Improve page fault error reporting", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Improve page fault error reporting\n\nIf IOMMU domain for device group is not setup properly then we may hit\nIOMMU page fault. Current page fault handler assumes that domain is\nalways setup and it will hit NULL pointer derefence (see below sample log).\n\nLets check whether domain is setup or not and log appropriate message.\n\nSample log:\n----------\n amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6\n BUG: kernel NULL pointer dereference, address: 0000000000000058\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89\n Hardware name: xxx\n RIP: 0010:report_iommu_fault+0x11/0x90\n [...]\n Call Trace:\n <TASK>\n amd_iommu_int_thread+0x60c/0x760\n ? __pfx_irq_thread_fn+0x10/0x10\n irq_thread_fn+0x1f/0x60\n irq_thread+0xea/0x1a0\n ? preempt_count_add+0x6a/0xa0\n ? __pfx_irq_thread_dtor+0x10/0x10\n ? __pfx_irq_thread+0x10/0x10\n kthread+0xe9/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n </TASK>\n\n[joro: Edit commit message]"}], "id": "CVE-2023-53789", "lastModified": "2025-12-09T18:37:13.640", "metrics": {}, "published": "2025-12-09T01:16:50.317", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/446080b353f048b1fddaec1434cb3d27b5de7efe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/996d120b4de2b0d6b592bd9fbbe6e244b81ab3cc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/be8301e2d5a8b95c04ae8e35d7bfee7b0f03f83a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: iommu/amd: Improve page fault error reporting", "id": "2420250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420250"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\niommu/amd: Improve page fault error reporting\nIf IOMMU domain for device group is not setup properly then we may hit\nIOMMU page fault. Current page fault handler assumes that domain is\nalways setup and it will hit NULL pointer derefence (see below sample log).\nLets check whether domain is setup or not and log appropriate message.\nSample log:\n----------\namdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 6\nBUG: kernel NULL pointer dereference, address: 0000000000000058\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 2 PID: 56 Comm: irq/24-AMD-Vi Not tainted 6.2.0-rc2+ #89\nHardware name: xxx\nRIP: 0010:report_iommu_fault+0x11/0x90\n[...]\nCall Trace:\n<TASK>\namd_iommu_int_thread+0x60c/0x760\n? __pfx_irq_thread_fn+0x10/0x10\nirq_thread_fn+0x1f/0x60\nirq_thread+0xea/0x1a0\n? preempt_count_add+0x6a/0xa0\n? __pfx_irq_thread_dtor+0x10/0x10\n? __pfx_irq_thread+0x10/0x10\nkthread+0xe9/0x110\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x2c/0x50\n</TASK>\n[joro: Edit commit message]"], "name": "CVE-2023-53789", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53789\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53789\nhttps://lore.kernel.org/linux-cve-announce/2025120940-CVE-2023-53789-c5cb@gregkh/T"], "threat_severity": "Moderate"}