VYPR
Unrated severity · NVD Advisory · Published Dec 30, 2025 · Updated Apr 15, 2026

CVE-2023-54172

Description

In the Linux kernel, the following vulnerability has been resolved:

x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction

On hardware that supports Indirect Branch Tracking (IBT), Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-V have a bug in that there's not an ENDBR64 instruction at the beginning of the hypercall page. Since hypercalls are made with an indirect call to the hypercall page, all hypercall attempts fail with an exception and Linux panics.

A Hyper-V fix is in progress to add ENDBR64. But guard against the Linux panic by clearing X86_FEATURE_IBT if the hypercall page doesn't start with ENDBR. The VM will boot and run without IBT.

If future Linux 32-bit kernels were to support IBT, additional hypercall page hackery would be needed to make IBT work for such kernels in a Hyper-V VM.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Linux kernel panics on Hyper-V when IBT is enabled because the hypercall page lacks an ENDBR64 instruction; the fix disables IBT to prevent the crash.

Vulnerability

In the Linux kernel, a bug in Hyper-V causes a panic on hardware supporting Indirect Branch Tracking (IBT). The hypercall page, used for guest-to-hypervisor communication, is missing an ENDBR64 instruction at its start. Since hypercalls are performed via indirect calls to this page, the absence of ENDBR64 triggers an IBT enforcement exception, crashing the system with a kernel panic [1].

Exploitation and Impact

An attacker with the ability to boot a Linux VM on a vulnerable Hyper-V host could trigger the panic, but the issue is primarily a denial-of-service condition. The prerequisite is a Hyper-V VM with ConfigVersion 9.3 or later and IBT enabled in the guest. No special privileges are needed beyond the ability to run a Linux kernel. The impact is a complete system halt, preventing any further operation until the VM is restarted with IBT disabled [1].

Mitigation Status

The fix, applied in the Linux kernel stable tree, disables IBT (clears X86_FEATURE_IBT) if the hypercall page does not begin with ENDBR64. This allows the VM to boot and run without IBT, sacrificing the protection of IBT for stability. A separate fix in Hyper-V to add the missing ENDBR64 instruction is reportedly in progress [1].

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
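The guard described above, modelled in user space as an added example (not the kernel's own code): it classifies the first bytes of a call target as ENDBR64, ENDBR32 or neither, and clears a feature flag when a 64-bit guest would otherwise make an indirect call to a page without a landing pad. `classify_entry`, `guard_hypercall_page`, `struct guest_caps` and both sample pages are hypothetical names and constructed data.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Architectural encodings: ENDBR64 = F3 0F 1E FA, ENDBR32 = F3 0F 1E FB. */
static const uint8_t ENDBR64[4] = { 0xF3, 0x0F, 0x1E, 0xFA };
static const uint8_t ENDBR32[4] = { 0xF3, 0x0F, 0x1E, 0xFB };

enum landing_pad { PAD_NONE, PAD_ENDBR64, PAD_ENDBR32 };

/* Classify the first instruction of an indirect-call target. */
enum landing_pad classify_entry(const uint8_t *page, size_t len)
{
    if (page == NULL || len < 4)
        return PAD_NONE;               /* too short to hold an ENDBR */
    if (memcmp(page, ENDBR64, 4) == 0)
        return PAD_ENDBR64;
    if (memcmp(page, ENDBR32, 4) == 0)
        return PAD_ENDBR32;
    return PAD_NONE;
}

/* Hypothetical stand-in for the kernel's feature bitmap (not kernel code). */
struct guest_caps { bool ibt; };

/* Model of the guard: a 64-bit guest keeps IBT only if the hypercall
 * page starts with a 64-bit landing pad. Returns true if IBT was cleared. */
bool guard_hypercall_page(struct guest_caps *caps, const uint8_t *page, size_t len)
{
    if (!caps->ibt)
        return false;                  /* IBT already off: nothing to do */
    if (classify_entry(page, len) == PAD_ENDBR64)
        return false;                  /* indirect call will be accepted */
    caps->ibt = false;                 /* run without IBT instead of panicking */
    return true;
}

/* Constructed sample pages: "vmcall; ret" without and with a landing pad. */
static const uint8_t page_buggy[] = { 0x0F, 0x01, 0xC1, 0xC3 };
static const uint8_t page_fixed[] = { 0xF3, 0x0F, 0x1E, 0xFA, 0x0F, 0x01, 0xC1, 0xC3 };

int main(void)
{
    struct guest_caps a = { .ibt = true }, b = { .ibt = true };
    printf("buggy page: cleared=%d\n", guard_hypercall_page(&a, page_buggy, sizeof page_buggy));
    printf("fixed page: cleared=%d\n", guard_hypercall_page(&b, page_fixed, sizeof page_fixed));
    return 0;
}
```

An ENDBR32 at the start of the page is also treated as a missing landing pad here, because only ENDBR64 terminates an indirect branch in 64-bit mode.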
