CVE-2023-54167 in Linux
Summary
by MITRE • 12/30/2025
In the Linux kernel, the following vulnerability has been resolved:
m68k: mm: Move initrd phys_to_virt handling after paging_init()
When booting with an initial ramdisk on platforms where physical memory does not start at address zero (e.g. on Amiga):
initrd: 0ef0602c - 0f800000 Zone ranges: DMA [mem 0x0000000008000000-0x000000f7ffffffff]
Normal empty Movable zone start for each node Early memory node ranges node 0: [mem 0x0000000008000000-0x000000000f7fffff]
Initmem setup node 0 [mem 0x0000000008000000-0x000000000f7fffff]
Unable to handle kernel access at virtual address (ptrval) Oops: 00000000 Modules linked in: PC: [<00201d3c>] memcmp+0x28/0x56
As phys_to_virt() relies on m68k_memoffset and module_fixup(), it must not be called before paging_init(). Hence postpone the phys_to_virt handling for the initial ramdisk until after calling paging_init().
While at it, reduce #ifdef clutter by using IS_ENABLED() instead.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 01/06/2026
This vulnerability exists in the linux kernel's m68k architecture implementation where the initial ramdisk phys_to_virt handling occurs before paging_init() is called. The issue manifests specifically on platforms where physical memory does not start at address zero such as Amiga systems. During kernel boot process, the system attempts to map physical memory addresses to virtual addresses using phys_to_virt() function, but this function depends on m68k_memoffset and module_fixup() which are not yet initialized when called prematurely. The error occurs when the kernel tries to access virtual memory at address 0xef0602c which results in a kernel oops and system crash. This represents a classic timing dependency issue where subsystem initialization order is critical for proper system operation.
The technical flaw stems from improper initialization sequencing in the kernel boot process for m68k architecture. The phys_to_virt() function requires the paging subsystem to be fully initialized before it can correctly translate physical addresses to virtual addresses. When booting with an initial ramdisk on memory-mapped systems where physical memory starts above zero, the kernel attempts to perform address translation before the necessary paging structures are established. This creates a scenario where virtual address calculations fail, leading to kernel panics and system instability. The vulnerability is classified as a timing dependency issue that violates proper kernel initialization protocols, which aligns with CWE-362 - Concurrent Execution using Shared Resource Issues and CWE-665 - Improper Initialization.
The operational impact of this vulnerability is significant for embedded systems and retro computing platforms that rely on m68k architecture with non-zero physical memory mapping. Systems using Amiga or similar hardware configurations that boot with initial ramdisks will experience kernel crashes during the boot process, making them unusable. This affects not only general purpose computing but also specialized embedded applications where kernel-level stability is critical. The vulnerability essentially prevents proper system boot on affected platforms, creating a complete denial of service condition that requires kernel recompilation with the fix to resolve.
The fix implemented addresses the root cause by reordering the initialization sequence to ensure paging_init() is called before any phys_to_virt() operations on the initial ramdisk. This follows the established principle of proper subsystem initialization order that is fundamental to kernel design. Additionally, the patch reduces code complexity by replacing traditional #ifdef directives with IS_ENABLED() macro usage, which improves maintainability and reduces potential configuration-related bugs. This change aligns with ATT&CK technique T1070.004 - Indicator Removal on Host related to code cleanup and optimization. The mitigation approach ensures that memory management subsystems are properly initialized before address translation operations are performed, preventing the kernel from attempting to access invalid virtual addresses during boot. The fix specifically targets the m68k architecture's memory management implementation and follows established kernel development practices for handling architecture-specific initialization requirements.