LiveActive security incident?Get immediate response
CVE Record

CVE-2023-53702: s390/crypto: use vector instructions only if available for ChaCha20

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 implementation. However no check was added to verify if the required facilities are installed before branching into the assembler code. If compiled into the kernel, this will lead to the following crash, if vector instructions are not available: data exception: 0007 ilc:3 [#1] SMP Modules linked in: CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.3.0-rc7+ #11 Hardware name: IBM 3931 A01 704 (KVM/Linux) Krnl PSW : 0704e00180000000 000000001857277a (chacha20_vx+0x32/0x818) R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3 Krnl GPRS: 0000037f0000000a ffffffffffffff60 000000008184b000 0000000019f5c8e6 0000000000000109 0000037fffb13c58 0000037fffb13c78 0000000019bb1780 0000037fffb13c58 0000000019f5c8e6 000000008184b000 0000000000000109 00000000802d8000 0000000000000109 0000000018571ebc 0000037fffb13718 Krnl Code: 000000001857276a: c07000b1f80b larl %r7,0000000019bb1780 0000000018572770: a708000a lhi %r0,10 #0000000018572774: e78950000c36 vlm %v24,%v25,0(%r5),0 >000000001857277a: e7a060000806 vl %v26,0(%r6),0 0000000018572780: e7bf70004c36 vlm %v27,%v31,0(%r7),4 0000000018572786: e70b00000456 vlr %v0,%v27 000000001857278c: e71800000456 vlr %v1,%v24 0000000018572792: e74b00000456 vlr %v4,%v27 Call Trace: [<000000001857277a>] chacha20_vx+0x32/0x818 Last Breaking-Event-Address: [<0000000018571eb6>] chacha20_crypt_s390.constprop.0+0x6e/0xd8 ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b Fix this by adding a missing MACHINE_HAS_VX check. [agordeev@linux.ibm.com: remove duplicates in commit message]

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

This Linux kernel issue affects IBM s390 systems in a specific crypto path. If the kernel uses the s390 ChaCha20 implementation on hardware or virtual machines without required vector instructions, the system can crash and panic. The main business risk is availability disruption on affected s390 workloads, not data theft based on the provided sources.

Executive priority

Handle this as a targeted availability risk for IBM s390 Linux estates. It does not justify broad emergency response from the provided evidence, but affected production mainframe or virtualized s390 systems should be patched during the next urgent maintenance window.

Technical view

The s390 ChaCha20 crypto library interface added by commit 349d03ffd5f6 branched into vector assembler without first checking whether vector facilities were available. On VX-less s390 systems, this can trigger a data exception in chacha20_vx and kernel panic. The fix adds a MACHINE_HAS_VX availability check.

Likely exposure

Exposure appears limited to Linux kernels on s390/s390x platforms where the affected ChaCha20 implementation is compiled in and vector instructions are unavailable. The source lists Linux 5.19, 6.1.30, 6.3.4, and 6.4 as affected version markers, but distro backports may vary.

Exploitation context

The provided bundle does not show active exploitation, KEV listing, public exploit code, or remote attack conditions. The evidence describes a crash condition caused by missing CPU facility checking. Treat exploitability as unclear unless vendor advisories identify reachable workloads or threat scenarios.

Researcher notes

The record lacks CVSS, CWE, and detailed reachability conditions. Analysis should focus on kernel version lineage, s390 hardware facility exposure, and whether local crypto users can trigger the vulnerable ChaCha20 path. Do not assume remote exploitability without additional vendor evidence.

Mitigation direction

  • Update affected Linux kernels to a vendor build containing the referenced stable fixes.
  • For distro kernels, follow vendor advisories and confirm the s390 crypto fix is backported.
  • For custom kernels, verify the s390 ChaCha20 path checks MACHINE_HAS_VX before vector code.
  • Prioritize s390 systems running workloads where kernel panic would cause material service outage.

Validation and detection

  • Inventory Linux s390/s390x hosts and record exact kernel versions and vendor patch levels.
  • Check whether affected kernels include the referenced stable commit for the MACHINE_HAS_VX fix.
  • Confirm whether systems lack required vector facilities, especially in virtualized s390 environments.
  • Review crash logs for chacha20_vx data exceptions or kernel panic traces matching the source.
Prepared
Confidence
medium
Sources
5

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-53702 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
4Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux349d03ffd5f62c298fd667ffa397c3fdc5c6194b, 349d03ffd5f62c298fd667ffa397c3fdc5c6194b, 349d03ffd5f62c298fd667ffa397c3fdc5c6194bunaffected
LinuxLinux5.19, 0, 6.1.30, 6.3.4, 6.4affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.