CVE-2023-52598 (GCVE-0-2023-52598)

Vulnerability from cvelistv5 – Published: 2024-03-06 06:45 – Updated: 2026-05-11 19:30
VLAI?
Title
s390/ptrace: handle setting of fpc register correctly
Summary
In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control (fpc) register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading it into the fpc register. This may lead to corruption of the fpc register of the tracing process: if an interrupt happens while the value is temporarily loaded into the fpc register, and within interrupt context floating point or vector registers are used, the current fp/vx registers are saved with save_fpu_regs() assuming they belong to user space and will be loaded into fp/vx registers when returning to user space. test_fp_ctl() restores the original user space fpc register value, however it will be discarded, when returning to user space. In result the tracer will incorrectly continue to run with the value that was supposed to be used for the traced process. Fix this by saving fpu register contents with save_fpu_regs() before using test_fp_ctl().
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 6ccf904aac0292e1f6b1a1be6c407c414f7cf713 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 6d0822f2cc9b153bf2df49a84599195a2e0d21a8 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 856caf2730ea18cb39e95833719c02a02447dc0a (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 28a1f492cb527f64593457a0a0f0d809b3f36c25 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 7a4d6481fbdd661f9e40e95febb95e3dee82bad3 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 02c6bbfb08bad78dd014e24c7b893723c15ec7a1 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < bdce67df7f12fb0409fbc604ce7c4254703f56d4 (git)
Affected: 9977e886cbbc758b4b601a160b5825ba573b5ca8 , < 8b13601d19c541158a6e18b278c00ba69ae37829 (git)
Create a notification for this product.
Linux Linux Affected: 4.3
Unaffected: 0 , < 4.3 (semver)
Unaffected: 4.19.307 , ≤ 4.19.* (semver)
Unaffected: 5.4.269 , ≤ 5.4.* (semver)
Unaffected: 5.10.210 , ≤ 5.10.* (semver)
Unaffected: 5.15.149 , ≤ 5.15.* (semver)
Unaffected: 6.1.77 , ≤ 6.1.* (semver)
Unaffected: 6.6.16 , ≤ 6.6.* (semver)
Unaffected: 6.7.4 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52598",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-11T15:45:25.541876Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:58.271Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:21.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/kernel/ptrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6ccf904aac0292e1f6b1a1be6c407c414f7cf713",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "6d0822f2cc9b153bf2df49a84599195a2e0d21a8",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "856caf2730ea18cb39e95833719c02a02447dc0a",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "28a1f492cb527f64593457a0a0f0d809b3f36c25",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "7a4d6481fbdd661f9e40e95febb95e3dee82bad3",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "02c6bbfb08bad78dd014e24c7b893723c15ec7a1",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "bdce67df7f12fb0409fbc604ce7c4254703f56d4",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            },
            {
              "lessThan": "8b13601d19c541158a6e18b278c00ba69ae37829",
              "status": "affected",
              "version": "9977e886cbbc758b4b601a160b5825ba573b5ca8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/s390/kernel/ptrace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.307",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.269",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.210",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.149",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.77",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.307",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.269",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.210",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.149",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.77",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.16",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.4",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ptrace: handle setting of fpc register correctly\n\nIf the content of the floating point control (fpc) register of a traced\nprocess is modified with the ptrace interface the new value is tested for\nvalidity by temporarily loading it into the fpc register.\n\nThis may lead to corruption of the fpc register of the tracing process:\nif an interrupt happens while the value is temporarily loaded into the\nfpc register, and within interrupt context floating point or vector\nregisters are used, the current fp/vx registers are saved with\nsave_fpu_regs() assuming they belong to user space and will be loaded into\nfp/vx registers when returning to user space.\n\ntest_fp_ctl() restores the original user space fpc register value, however\nit will be discarded, when returning to user space.\n\nIn result the tracer will incorrectly continue to run with the value that\nwas supposed to be used for the traced process.\n\nFix this by saving fpu register contents with save_fpu_regs() before using\ntest_fp_ctl()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T19:30:05.510Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713"
        },
        {
          "url": "https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3"
        },
        {
          "url": "https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1"
        },
        {
          "url": "https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829"
        }
      ],
      "title": "s390/ptrace: handle setting of fpc register correctly",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52598",
    "datePublished": "2024-03-06T06:45:27.127Z",
    "dateReserved": "2024-03-02T21:55:42.572Z",
    "dateUpdated": "2026-05-11T19:30:05.510Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-52598",
      "date": "2026-05-21",
      "epss": "8e-05",
      "percentile": "0.00722"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ns390/ptrace: handle setting of fpc register correctly\\n\\nIf the content of the floating point control (fpc) register of a traced\\nprocess is modified with the ptrace interface the new value is tested for\\nvalidity by temporarily loading it into the fpc register.\\n\\nThis may lead to corruption of the fpc register of the tracing process:\\nif an interrupt happens while the value is temporarily loaded into the\\nfpc register, and within interrupt context floating point or vector\\nregisters are used, the current fp/vx registers are saved with\\nsave_fpu_regs() assuming they belong to user space and will be loaded into\\nfp/vx registers when returning to user space.\\n\\ntest_fp_ctl() restores the original user space fpc register value, however\\nit will be discarded, when returning to user space.\\n\\nIn result the tracer will incorrectly continue to run with the value that\\nwas supposed to be used for the traced process.\\n\\nFix this by saving fpu register contents with save_fpu_regs() before using\\ntest_fp_ctl().\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/ptrace: maneja la configuraci\\u00f3n del registro fpc correctamente Si el contenido del registro de control de punto flotante (fpc) de un proceso rastreado se modifica con la interfaz ptrace, se prueba el nuevo valor validez carg\\u00e1ndolo temporalmente en el registro fpc. Esto puede conducir a la corrupci\\u00f3n del registro fpc del proceso de seguimiento: si ocurre una interrupci\\u00f3n mientras el valor se carga temporalmente en el registro fpc, y dentro del contexto de interrupci\\u00f3n se utilizan registros de punto flotante o vectoriales, los registros fp/vx actuales se guardan con save_fpu_regs() suponiendo que pertenecen al espacio del usuario y se cargar\\u00e1n en los registros fp/vx cuando regresen al espacio del usuario. test_fp_ctl() restaura el valor del registro fpc del espacio de usuario original; sin embargo, se descartar\\u00e1 al regresar al espacio de usuario. Como resultado, el rastreador continuar\\u00e1 ejecut\\u00e1ndose incorrectamente con el valor que se supon\\u00eda que deb\\u00eda usarse para el proceso rastreado. Solucione este problema guardando el contenido del registro fpu con save_fpu_regs() antes de usar test_fp_ctl().\"}]",
      "id": "CVE-2023-52598",
      "lastModified": "2024-11-21T08:40:09.280",
      "published": "2024-03-06T07:15:09.990",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52598\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-06T07:15:09.990\",\"lastModified\":\"2025-02-14T16:40:38.513\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ns390/ptrace: handle setting of fpc register correctly\\n\\nIf the content of the floating point control (fpc) register of a traced\\nprocess is modified with the ptrace interface the new value is tested for\\nvalidity by temporarily loading it into the fpc register.\\n\\nThis may lead to corruption of the fpc register of the tracing process:\\nif an interrupt happens while the value is temporarily loaded into the\\nfpc register, and within interrupt context floating point or vector\\nregisters are used, the current fp/vx registers are saved with\\nsave_fpu_regs() assuming they belong to user space and will be loaded into\\nfp/vx registers when returning to user space.\\n\\ntest_fp_ctl() restores the original user space fpc register value, however\\nit will be discarded, when returning to user space.\\n\\nIn result the tracer will incorrectly continue to run with the value that\\nwas supposed to be used for the traced process.\\n\\nFix this by saving fpu register contents with save_fpu_regs() before using\\ntest_fp_ctl().\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/ptrace: maneja la configuraci\u00f3n del registro fpc correctamente Si el contenido del registro de control de punto flotante (fpc) de un proceso rastreado se modifica con la interfaz ptrace, se prueba el nuevo valor validez carg\u00e1ndolo temporalmente en el registro fpc. Esto puede conducir a la corrupci\u00f3n del registro fpc del proceso de seguimiento: si ocurre una interrupci\u00f3n mientras el valor se carga temporalmente en el registro fpc, y dentro del contexto de interrupci\u00f3n se utilizan registros de punto flotante o vectoriales, los registros fp/vx actuales se guardan con save_fpu_regs() suponiendo que pertenecen al espacio del usuario y se cargar\u00e1n en los registros fp/vx cuando regresen al espacio del usuario. test_fp_ctl() restaura el valor del registro fpc del espacio de usuario original; sin embargo, se descartar\u00e1 al regresar al espacio de usuario. Como resultado, el rastreador continuar\u00e1 ejecut\u00e1ndose incorrectamente con el valor que se supon\u00eda que deb\u00eda usarse para el proceso rastreado. Solucione este problema guardando el contenido del registro fpu con save_fpu_regs() antes de usar test_fp_ctl().\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.19.307\",\"matchCriteriaId\":\"4B4E1A83-9957-4265-94C0-516374C8CCFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.269\",\"matchCriteriaId\":\"319545F3-D56C-4751-BEBF-0505478BBAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.210\",\"matchCriteriaId\":\"F5CB4CA6-A9A0-4AFD-9102-8CF94D708170\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.149\",\"matchCriteriaId\":\"0D0465BB-4053-4E15-9137-6696EBAE90FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.77\",\"matchCriteriaId\":\"0FA28946-970D-4F4D-B759-4E77B28809B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.16\",\"matchCriteriaId\":\"A5007D6A-4B58-423A-8A3A-A1A656A263C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.4\",\"matchCriteriaId\":\"848BC44C-9D25-4557-A50A-4B8BF310FA78\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:03:21.151Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52598\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-11T15:45:25.541876Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:16.741Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"s390/ptrace: handle setting of fpc register correctly\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"6ccf904aac0292e1f6b1a1be6c407c414f7cf713\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"6d0822f2cc9b153bf2df49a84599195a2e0d21a8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"856caf2730ea18cb39e95833719c02a02447dc0a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"28a1f492cb527f64593457a0a0f0d809b3f36c25\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"7a4d6481fbdd661f9e40e95febb95e3dee82bad3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"02c6bbfb08bad78dd014e24c7b893723c15ec7a1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"bdce67df7f12fb0409fbc604ce7c4254703f56d4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9977e886cbbc758b4b601a160b5825ba573b5ca8\", \"lessThan\": \"8b13601d19c541158a6e18b278c00ba69ae37829\", \"versionType\": \"git\"}], \"programFiles\": [\"arch/s390/kernel/ptrace.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.3\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.3\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.307\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.269\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.210\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.149\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.77\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.16\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"arch/s390/kernel/ptrace.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/6ccf904aac0292e1f6b1a1be6c407c414f7cf713\"}, {\"url\": \"https://git.kernel.org/stable/c/6d0822f2cc9b153bf2df49a84599195a2e0d21a8\"}, {\"url\": \"https://git.kernel.org/stable/c/856caf2730ea18cb39e95833719c02a02447dc0a\"}, {\"url\": \"https://git.kernel.org/stable/c/28a1f492cb527f64593457a0a0f0d809b3f36c25\"}, {\"url\": \"https://git.kernel.org/stable/c/7a4d6481fbdd661f9e40e95febb95e3dee82bad3\"}, {\"url\": \"https://git.kernel.org/stable/c/02c6bbfb08bad78dd014e24c7b893723c15ec7a1\"}, {\"url\": \"https://git.kernel.org/stable/c/bdce67df7f12fb0409fbc604ce7c4254703f56d4\"}, {\"url\": \"https://git.kernel.org/stable/c/8b13601d19c541158a6e18b278c00ba69ae37829\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ns390/ptrace: handle setting of fpc register correctly\\n\\nIf the content of the floating point control (fpc) register of a traced\\nprocess is modified with the ptrace interface the new value is tested for\\nvalidity by temporarily loading it into the fpc register.\\n\\nThis may lead to corruption of the fpc register of the tracing process:\\nif an interrupt happens while the value is temporarily loaded into the\\nfpc register, and within interrupt context floating point or vector\\nregisters are used, the current fp/vx registers are saved with\\nsave_fpu_regs() assuming they belong to user space and will be loaded into\\nfp/vx registers when returning to user space.\\n\\ntest_fp_ctl() restores the original user space fpc register value, however\\nit will be discarded, when returning to user space.\\n\\nIn result the tracer will incorrectly continue to run with the value that\\nwas supposed to be used for the traced process.\\n\\nFix this by saving fpu register contents with save_fpu_regs() before using\\ntest_fp_ctl().\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.307\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.269\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.210\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.149\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.77\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.16\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7.4\", \"versionStartIncluding\": \"4.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8\", \"versionStartIncluding\": \"4.3\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-01-05T10:16:29.535Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-52598\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-05T10:16:29.535Z\", \"dateReserved\": \"2024-03-02T21:55:42.572Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-06T06:45:27.127Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.