Lucene search
XENCVELIST:CVE-2023-34328HistoryJan 05, 2024 - 4:34 p.m.
CVE-2023-34328 x86/AMD: Debug Mask handling
2024-01-0516:34:11
XEN
www.cve.org
1
amd
x86
debugging
xen
vulnerabilities
denial of service
[This CNA information record relates to multiple CVEs; the
text explains which aspects/vulnerabilities correspond to which CVE.]
AMD CPUs since ~2014 have extensions to normal x86 debugging functionality.
Xen supports guests using these extensions.
Unfortunately there are errors in Xen’s handling of the guest state, leading
to denials of service.
-
CVE-2023-34327 - An HVM vCPU can end up operating in the context of
a previous vCPUs debug mask state. -
CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT.
This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock
up the CPU entirely.
CNA Affected
[
{
"defaultStatus": "unknown",
"product": "Xen",
"vendor": "Xen",
"versions": [
{
"status": "unknown",
"version": "consult Xen advisory XSA-444"
}
]
}
]Related
debiancve
debiancve
cvelist
cvelist
CVE-2023-34327 x86/AMD: Debug Mask handling
2024-01-05 16:34:10
CVE-2015-8104
2015-11-16 00:00:00
prion
prion
Design/Logic Flaw
2024-01-05 17:15:00
Design/Logic Flaw
2024-01-05 17:15:00
Design/Logic Flaw
2015-11-16 11:59:00
ubuntucve
ubuntucve
nessus
nessus
Xen: x86/AMD: Debug Mask handling (XSA-444)
2023-10-12 00:00:00
Fedora 37 : xen (2023-881672fdab)
2023-10-26 00:00:00
Fedora 39 : xen (2023-de338d9f37)
2023-11-07 00:00:00
xen
xen
x86/AMD: Debug Mask handling
2023-10-10 12:00:00
x86: CPU lockup during exception delivery
2015-11-10 00:01:00
nvd
nvd
cve
cve
osv
osv
CVE-2023-34328
2024-01-05 17:15:08
CVE-2023-34327
2024-01-05 17:15:08
linux - security update
2015-12-17 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4184-1)
2023-10-25 00:00:00
openSUSE: Security Advisory for xen (SUSE-SU-2023:4054-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4183-1)
2023-10-25 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: xen-4.16.5-3.fc37
2023-10-27 01:11:56
[SECURITY] Fedora 38 Update: xen-4.17.2-4.fc38
2023-10-26 01:51:34
[SECURITY] Fedora 39 Update: xen-4.17.2-4.fc39
2023-11-03 18:56:30
veracode
veracode
Denial Of Service (DoS)
2023-11-30 20:56:50
Denial Of Service (DoS)
2023-11-30 20:56:35
redhat
redhat
(RHSA-2015:2552) Important: kernel security and bug fix update
2015-12-08 10:11:52
(RHSA-2016:0046) Important: kernel security update
2016-01-19 00:00:00
(RHSA-2016:0004) Important: kernel security update
2016-01-07 00:00:00
freebsd
freebsd
xen-kernel -- CPU lockup during exception delivery
2015-11-10 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2015-12-10 00:00:00
kernel security and bug fix update
2015-12-08 00:00:00
kernel security and bug fix update
2015-12-15 00:00:00
centos
centos
kernel, perf, python security update
2015-12-09 19:18:47
kernel, perf, python security update
2015-12-16 00:07:51
ubuntu
ubuntu
Linux kernel vulnerabilities
2015-12-17 00:00:00
Linux kernel vulnerabilities
2015-12-17 00:00:00
Linux kernel (Utopic HWE) vulnerabilities
2015-12-17 00:00:00
f5
f5
mageia
mageia
Updated kernel packages fix security vulnerabilities
2015-11-20 01:08:19
Updated kernel-linus packages fix security vulnerabilities
2016-06-22 22:08:04
cloudfoundry
cloudfoundry
USN-2842-1/USN-2842-2 Linux kernel vulnerability | Cloud Foundry
2016-01-07 00:00:00
debian
debian
[SECURITY] [DSA 3454-1] virtualbox security update
2016-01-26 23:24:54
[SECURITY] [DSA 3426-1] linux security update
2015-12-17 22:39:14
[SECURITY] [DSA 3426-1] linux security update
2015-12-17 22:39:14
citrix
citrix
Citrix Hypervisor Multiple Security Updates
2023-10-10 14:57:16
kaspersky
kaspersky
KLA10744 Multiple vulnerabilities in Oracle VM VirtualBox
2016-02-21 00:00:00
avleonov
avleonov
Parsing Nessus v2 XML reports with python
2020-03-09 01:12:00
suse
suse
Security update for the Linux Kernel (important)
2015-11-26 13:10:56
Security update for the Linux Kernel (important)
2016-02-05 21:12:31
Security update for the Linux Kernel (important)
2015-12-04 14:10:52