CVE-2023-52750
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2023-52750 affects the Linux kernel's arm64 architecture implementation. The vulnerability is related to incorrect byte-swapping of NOP instructions when compiling for big-endian systems using LLVM's integrated assembler versions prior to 15.0.0. This issue was discovered when the kernel changed how it handles FPSIMD capabilities (Kernel Commit).

Technical details

The vulnerability occurs when LLVM's integrated assembler incorrectly byte-swaps NOP instructions in big-endian mode, so that the resulting bytes match the encoding of the FNMADD S21, S30, S0, S0 instruction. This issue became apparent after changes in how the kernel handles FPSIMD capabilities. Prior to the change, FPSIMD was enabled early in boot when __cpu_setup() initialized CPACR_EL1, which masked the issue. After the change, these incorrect instructions would trap during boot before FPSIMD detection (Kernel Commit).

Impact

The vulnerability could result in corruption of user or kernel FPSIMD state when using affected LLVM versions for big-endian ARM64 systems. When triggered, it can cause kernel panics with unhandled exceptions during system boot (Kernel Commit).

Mitigation and workarounds

The fix involves restricting CONFIG_CPU_BIG_ENDIAN to known good assemblers, specifically either GNU assembler or LLVM's Integrated Assembler (IAS) version 15.0.0 and newer. This was implemented through a Kconfig change that adds version checking for the assembler (Kernel Commit).

This report was generated using AI.
