{"vulnerability": "CVE-2023-53135", "sightings": [{"uuid": "cd937607-7ad1-4484-96b3-6073d589eabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-53135", "type": "seen", "source": "https://t.me/cvedetector/24357", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-53135 - Riscv Linux Kernel Stack Out-of-Bounds Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-53135 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nriscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode  \n  \nWhen CONFIG_FRAME_POINTER is unset, the stack unwinding function  \nwalk_stackframe randomly reads the stack and then, when KASAN is enabled,  \nit can lead to the following backtrace:  \n  \n[    0.000000] ==================================================================  \n[    0.000000] BUG: KASAN: stack-out-of-bounds in walk_stackframe+0xa6/0x11a  \n[    0.000000] Read of size 8 at addr ffffffff81807c40 by task swapper/0  \n[    0.000000]  \n[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.2.0-12919-g24203e6db61f #43  \n[    0.000000] Hardware name: riscv-virtio,qemu (DT)  \n[    0.000000] Call Trace:  \n[    0.000000] [] walk_stackframe+0x0/0x11a  \n[    0.000000] [] init_param_lock+0x26/0x2a  \n[    0.000000] [] walk_stackframe+0xa2/0x11a  \n[    0.000000] [] dump_stack_lvl+0x22/0x36  \n[    0.000000] [] print_report+0x198/0x4a8  \n[    0.000000] [] init_param_lock+0x26/0x2a  \n[    0.000000] [] walk_stackframe+0xa2/0x11a  \n[    0.000000] [] kasan_report+0x9a/0xc8  \n[    0.000000] [] walk_stackframe+0xa2/0x11a  \n[    0.000000] [] walk_stackframe+0xa2/0x11a  \n[    0.000000] [] desc_make_final+0x80/0x84  \n[    0.000000] [] stack_trace_save+0x88/0xa6  \n[    0.000000] [] filter_irq_stacks+0x72/0x76  \n[    0.000000] [] devkmsg_read+0x32a/0x32e  \n[    0.000000] [] kasan_save_stack+0x28/0x52  \n[    0.000000] [] desc_make_final+0x7c/0x84  \n[    0.000000] [] stack_trace_save+0x84/0xa6  \n[    0.000000] [] kasan_set_track+0x12/0x20  \n[    0.000000] [] __kasan_slab_alloc+0x58/0x5e  \n[    0.000000] [] __kmem_cache_create+0x21e/0x39a  \n[    0.000000] [] create_boot_cache+0x70/0x9c  \n[    0.000000] [] kmem_cache_init+0x6c/0x11e  \n[    0.000000] [] mm_init+0xd8/0xfe  \n[    0.000000] [] start_kernel+0x190/0x3ca  \n[    0.000000]  \n[    0.000000] The buggy address belongs to stack of task swapper/0  \n[    0.000000]  and is located at offset 0 in frame:  \n[    0.000000]  stack_trace_save+0x0/0xa6  \n[    0.000000]  \n[    0.000000] This frame has 1 object:  \n[    0.000000]  [32, 56) 'c'  \n[    0.000000]  \n[    0.000000] The buggy address belongs to the physical page:  \n[    0.000000] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x81a07  \n[    0.000000] flags: 0x1000(reserved|zone=0)  \n[    0.000000] raw: 0000000000001000 ff600003f1e3d150 ff600003f1e3d150 0000000000000000  \n[    0.000000] raw: 0000000000000000 0000000000000000 00000001ffffffff  \n[    0.000000] page dumped because: kasan: bad access detected  \n[    0.000000]  \n[    0.000000] Memory state around the buggy address:  \n[    0.000000]  ffffffff81807b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  \n[    0.000000]  ffffffff81807b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  \n[    0.000000] >ffffffff81807c00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 f3  \n[    0.000000]                                            ^  \n[    0.000000]  ffffffff81807c80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00  \n[    0.000000]  ffffffff81807d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  \n[    0.000000] ==================================================================  \n  \nFix that by using READ_ONCE_NOCHECK when reading the stack in imprecise  \nmode. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T20:07:42.000000Z"}, {"uuid": "237b6b7a-5c76-4431-b8d7-a45839eee021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-53135", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr5i4pf2p", "content": "", "creation_timestamp": "2025-05-02T20:06:13.471408Z"}]}