Lucene search

K
cveXENCVE-2023-34327
HistoryJan 05, 2024 - 5:15 p.m.

CVE-2023-34327

2024-01-0517:15:08
XEN
web.nvd.nist.gov
45
amd cpus
xen
debugging
vulnerabilities
denials of service
cve-2023-34327
cve-2023-34328

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

42.0%

[This CNA information record relates to multiple CVEs; the
text explains which aspects/vulnerabilities correspond to which CVE.]

AMD CPUs since ~2014 have extensions to normal x86 debugging functionality.
Xen supports guests using these extensions.

Unfortunately there are errors in Xen’s handling of the guest state, leading
to denials of service.

  1. CVE-2023-34327 - An HVM vCPU can end up operating in the context of
    a previous vCPUs debug mask state.

  2. CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT.
    This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock
    up the CPU entirely.

Affected configurations

Nvd
Node
xenxenRange4.5.0
VendorProductVersionCPE
xenxen*cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Xen",
    "vendor": "Xen",
    "versions": [
      {
        "status": "unknown",
        "version": "consult Xen advisory XSA-444"
      }
    ]
  }
]

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

42.0%