CVE-2023-53474

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53474
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53474.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53474
Downstream
Related
Published
2025-10-01T11:42:43.798Z
Modified
2026-03-09T23:49:28.825629Z
Summary
x86/MCE/AMD: Use an u64 for bank_map
Details

In the Linux kernel, the following vulnerability has been resolved:

x86/MCE/AMD: Use an u64 for bank_map

Thee maximum number of MCA banks is 64 (MAXNRBANKS), see

a0bc32b3cacf ("x86/mce: Increase maximum number of banks to 64").

However, the bank_map which contains a bitfield of which banks to initialize is of type unsigned int and that overflows when those bit numbers are >= 32, leading to UBSAN complaining correctly:

UBSAN: shift-out-of-bounds in arch/x86/kernel/cpu/mce/amd.c:1365:38 shift exponent 32 is too large for 32-bit type 'int'

Change the bankmap to a u64 and use the proper BITULL() macro when modifying bits in there.

[ bp: Rewrite commit message. ]

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53474.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a0bc32b3cacf194dc479b342f006203fd1e1941a
Fixed
a9b9ea0e63a0ec5e97bf1219ab6dcbd55e362f83
Fixed
11c58a0c1937c157dbdf82d5ab634d68c99f3098
Fixed
ba8ffb1251eb629c2ec35220e3896cf4f7b888a7
Fixed
9669fa17287c3af2bbd4868d4c8fdd9e57f8332e
Fixed
67bb7521b6420d81dab7538c0686f18f7d6d09f4
Fixed
4c1cdec319b9aadb65737c3eb1f5cb74bd6aa156

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53474.json"