{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-52994","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-03-27T16:40:15.742Z","datePublished":"2025-03-27T16:43:28.893Z","dateUpdated":"2026-05-11T19:36:33.917Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:36:33.917Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: Fix suspend with Xen PV\n\nCommit f1e525009493 (\"x86/boot: Skip realmode init code when running as\nXen PV guest\") missed one code path accessing real_mode_header, leading\nto dereferencing NULL when suspending the system under Xen:\n\n    [  348.284004] PM: suspend entry (deep)\n    [  348.289532] Filesystems sync: 0.005 seconds\n    [  348.291545] Freezing user space processes ... (elapsed 0.000 seconds) done.\n    [  348.292457] OOM killer disabled.\n    [  348.292462] Freezing remaining freezable tasks ... (elapsed 0.104 seconds) done.\n    [  348.396612] printk: Suspending console(s) (use no_console_suspend to debug)\n    [  348.749228] PM: suspend devices took 0.352 seconds\n    [  348.769713] ACPI: EC: interrupt blocked\n    [  348.816077] BUG: kernel NULL pointer dereference, address: 000000000000001c\n    [  348.816080] #PF: supervisor read access in kernel mode\n    [  348.816081] #PF: error_code(0x0000) - not-present page\n    [  348.816083] PGD 0 P4D 0\n    [  348.816086] Oops: 0000 [#1] PREEMPT SMP NOPTI\n    [  348.816089] CPU: 0 PID: 6764 Comm: systemd-sleep Not tainted 6.1.3-1.fc32.qubes.x86_64 #1\n    [  348.816092] Hardware name: Star Labs StarBook/StarBook, BIOS 8.01 07/03/2022\n    [  348.816093] RIP: e030:acpi_get_wakeup_address+0xc/0x20\n\nFix that by adding an optional acpi callback allowing to skip setting\nthe wakeup address, as in the Xen PV case this will be handled by the\nhypervisor anyway."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/include/asm/acpi.h","drivers/acpi/sleep.c"],"versions":[{"version":"b1898793777fe10a31c160bb8bc385d6eea640c6","lessThan":"b96903b7fc8c82ddfd92df4cdd83db3e567da0a5","status":"affected","versionType":"git"},{"version":"f1e525009493cbd569e7c8dd7d58157855f8658d","lessThan":"fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41","status":"affected","versionType":"git"},{"version":"3414632beaadf635a4affd4ae278297978640965","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["arch/x86/include/asm/acpi.h","drivers/acpi/sleep.c"],"versions":[{"version":"6.1.2","lessThan":"6.1.9","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.2","versionEndExcluding":"6.1.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b96903b7fc8c82ddfd92df4cdd83db3e567da0a5"},{"url":"https://git.kernel.org/stable/c/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41"}],"title":"acpi: Fix suspend with Xen PV","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"id":"CVE-2023-52994","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2025-10-01T20:08:13.653674Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-01T20:17:03.878Z"}}]}}