{"id":"CVE-2023-53769","summary":"virt/coco/sev-guest: Double-buffer messages","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirt/coco/sev-guest: Double-buffer messages\n\nThe encryption algorithms read and write directly to shared unencrypted\nmemory, which may leak information as well as permit the host to tamper\nwith the message integrity. Instead, copy whole messages in or out as\nneeded before doing any computation on them.","modified":"2026-03-20T12:33:20.276585Z","published":"2025-12-08T01:19:32.417Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53769.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/4b69c63f716cfda38e1210e65b68f67f6cee2ddf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/577a64725bfd77645986168e953d405067ee565b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/965006103a14703cc42043bbf9b5e0cdf7a468ad"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c27dafc4aa50a29ec927b3aa84ac7b430071f682"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53769.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53769"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d5af44dde5461d125d1602ac913ab5c6bdf09b8b"},{"fixed":"577a64725bfd77645986168e953d405067ee565b"},{"fixed":"c27dafc4aa50a29ec927b3aa84ac7b430071f682"},{"fixed":"4b69c63f716cfda38e1210e65b68f67f6cee2ddf"},{"fixed":"965006103a14703cc42043bbf9b5e0cdf7a468ad"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53769.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.19.0"},{"fixed":"6.1.28"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.15"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.3.0"},{"fixed":"6.3.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53769.json"}}],"schema_version":"1.7.5"}