CVE-2023-53702
Description
In the Linux kernel, the following vulnerability has been resolved:
s390/crypto: use vector instructions only if available for ChaCha20
Commit 349d03ffd5f6 ("crypto: s390 - add crypto library interface for ChaCha20") added a library interface to the s390 specific ChaCha20 implementation. However no check was added to verify if the required facilities are installed before branching into the assembler code.
If compiled into the kernel, this will lead to the following crash, if vector instructions are not available:
data exception: 0007 ilc:3 [#1] SMP
Modules linked in:
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.3.0-rc7+ #11
Hardware name: IBM 3931 A01 704 (KVM/Linux)
Krnl PSW : 0704e00180000000 000000001857277a (chacha20_vx+0x32/0x818)
           R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
Krnl GPRS: 0000037f0000000a ffffffffffffff60 000000008184b000 0000000019f5c8e6
           0000000000000109 0000037fffb13c58 0000037fffb13c78 0000000019bb1780
           0000037fffb13c58 0000000019f5c8e6 000000008184b000 0000000000000109
           00000000802d8000 0000000000000109 0000000018571ebc 0000037fffb13718
Krnl Code: 000000001857276a: c07000b1f80b  larl  %r7,0000000019bb1780
           0000000018572770: a708000a      lhi   %r0,10
          #0000000018572774: e78950000c36  vlm   %v24,%v25,0(%r5),0
          >000000001857277a: e7a060000806  vl    %v26,0(%r6),0
           0000000018572780: e7bf70004c36  vlm   %v27,%v31,0(%r7),4
           0000000018572786: e70b00000456  vlr   %v0,%v27
           000000001857278c: e71800000456  vlr   %v1,%v24
           0000000018572792: e74b00000456  vlr   %v4,%v27
Call Trace:
 [<000000001857277a>] chacha20_vx+0x32/0x818
Last Breaking-Event-Address:
 [<0000000018571eb6>] chacha20_crypt_s390.constprop.0+0x6e/0xd8
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
Fix this by adding a missing MACHINE_HAS_VX check.
[agordeev@linux.ibm.com: remove duplicates in commit message]
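The guard described above, as an added user-space model (not the kernel's code and not the patch itself): the selector takes the vector path only when the facility is installed and otherwise falls back to the generic one. All function names are hypothetical, the facility lists are constructed, and the model assumes the z/Architecture vector facility is STFLE facility bit 129, which is what MACHINE_HAS_VX stands for here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FACILITY_VX 129  /* assumed: vector facility bit in the STFLE list */
enum impl { IMPL_GENERIC, IMPL_VECTOR };

/* Constructed facility lists (24 bytes = 192 bits), not read from hardware. */
static const uint8_t with_vx[24]    = { [16] = 0x40 };  /* bit 129 set */
static const uint8_t without_vx[24] = { 0 };

/* STFLE-style test: facility nr is in byte nr/8, counted from the MSB. */
static bool has_facility(const uint8_t *list, size_t len, unsigned nr)
{
    if ((nr >> 3) >= len)
        return false;  /* bit beyond the stored list: treat as not installed */
    return (list[nr >> 3] & (0x80u >> (nr & 7))) != 0;
}

/* Pre-fix shape: branches to the vector code without asking the machine. */
enum impl select_unchecked(const uint8_t *list, size_t len)
{
    (void)list; (void)len;
    return IMPL_VECTOR;
}

/* Post-fix shape: vector code only if the facility is there, else generic. */
enum impl select_checked(const uint8_t *list, size_t len)
{
    return has_facility(list, len, FACILITY_VX) ? IMPL_VECTOR : IMPL_GENERIC;
}

/* Models executing the chosen path: 0 = completes, -1 = data exception. */
int run_impl(enum impl chosen, const uint8_t *list, size_t len)
{
    if (chosen == IMPL_VECTOR && !has_facility(list, len, FACILITY_VX))
        return -1;  /* vector instruction issued on a machine without VX */
    return 0;
}

int main(void)
{
    printf("no VX, unchecked: %d\n", run_impl(select_unchecked(without_vx, 24), without_vx, 24));
    printf("no VX, checked:   %d\n", run_impl(select_checked(without_vx, 24), without_vx, 24));
    return 0;
}
```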
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Linux kernel s390 ChaCha20 missing vector instruction check causes kernel panic on systems without VX.
Vulnerability Description
The s390-specific ChaCha20 implementation in the Linux kernel was added via commit 349d03ffd5f6 without verifying the availability of vector instructions (MACHINE_HAS_VX). When compiled into the kernel and run on hardware lacking these instructions, execution branches into assembler code that uses vector instructions, causing a data exception and kernel panic [1].
Exploitation Conditions
The vulnerability can only be triggered if the kernel is built with CONFIG_CRYPTO_CHACHA20_S390 and booted on a system that does not support vector instructions (e.g., older IBM z/Architecture models or KVM guests without vector facility enabled). The crash occurs early during boot, preventing the system from starting [1].
Impact
An attacker with local access or control over the boot process could cause a denial of service by booting the affected kernel on incompatible hardware. However, the primary impact is system instability due to the lack of a facility check [1].
Mitigation
The fix adds a missing MACHINE_HAS_VX check before calling the vector-optimized code, ensuring that the library interface falls back to a scalar implementation when vector instructions are unavailable. This patch has been applied to the stable kernel tree [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 3
25e8d30507aa
debb7797bba0
8703dd6b238d
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.