Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-4155HistorySep 13, 2023 - 5:15 p.m.
CVE-2023-4155
2023-09-1317:15:10
Debian Security Bug Tracker
security-tracker.debian.org
8
kvm
amd
sev
linux kernel
stack overflow
denial of service
guest-to-host escape
stack guard pages
0.0004 Low
EPSS
Percentile
8.3%
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (CONFIG_VMAP_STACK).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | <Â 6.1.52-1 | linux_6.1.52-1_all.deb |
| Debian | 11 | all | linux | <Â 5.10.209-2 | linux_5.10.209-2_all.deb |
| Debian | 10 | all | linux | <Â 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | <Â 6.4.11-1 | linux_6.4.11-1_all.deb |
| Debian | 13 | all | linux | <Â 6.4.11-1 | linux_6.4.11-1_all.deb |
Related
cnvd
cnvd
Linux kernel conditional contention vulnerability (CNVD-2023-71721)
2023-09-12 00:00:00
ubuntucve
ubuntucve
CVE-2023-4155
2023-08-09 00:00:00
cvelist
cvelist
CVE-2023-4155 Sev-es / sev-snp vmgexit double fetch vulnerability
2023-09-13 16:11:39
prion
prion
Race condition
2023-09-13 17:15:00
cve
cve
CVE-2023-4155
2023-09-13 17:15:10
redhatcve
redhatcve
CVE-2023-4155
2023-08-07 07:48:52
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2023-4806, CVE-2023-4155, CVE-2023-4527)
2024-01-24 19:00:38
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management
2024-01-12 16:32:54
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2023-12-18 18:02:34
fedora
fedora
[SECURITY] Fedora 38 Update: kernel-6.4.10-200.fc38
2023-08-14 01:34:28
[SECURITY] Fedora 37 Update: kernel-6.4.10-100.fc37
2023-08-14 00:47:18
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2023-ee241dcf80)
2023-08-15 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2023-d9509be489)
2023-08-14 00:00:00
Mageia: Security Advisory (MGASA-2023-0295)
2023-10-23 00:00:00
nessus
nessus
Fedora 37 : kernel (2023-d9509be489)
2023-08-14 00:00:00
Fedora 38 : kernel (2023-ee241dcf80)
2023-08-14 00:00:00
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6343-1)
2023-09-06 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2023-10-23 00:04:51
Updated kernel-linus packages fix security vulnerabilities
2023-10-23 00:04:51
Updated kernel-linus packages fix security vulnerabilities
2023-11-30 01:29:41
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-09-06 00:00:00
Linux kernel vulnerabilities
2023-10-04 00:00:00
Linux kernel vulnerabilities
2023-10-06 00:00:00
osv
osv
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0101
2023-09-26 00:00:00
debian
debian
[SECURITY] [DSA 5492-1] linux security update
2023-09-09 21:40:33
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-11-12 00:00:00
kernel security, bug fix, and enhancement update
2023-11-17 00:00:00
redhat
redhat
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00