Lucene search

K
nvd[email protected]NVD:CVE-2023-5090
HistoryNov 06, 2023 - 11:15 a.m.

CVE-2023-5090

2023-11-0611:15:09
CWE-755
web.nvd.nist.gov
1
kvm
x2apic
denial of service

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.1%

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.

Affected configurations

NVD
Node
linuxlinux_kernelRange6.5
OR
linuxlinux_kernelMatch6.6rc1
OR
linuxlinux_kernelMatch6.6rc2
OR
linuxlinux_kernelMatch6.6rc3
OR
linuxlinux_kernelMatch6.6rc4
OR
linuxlinux_kernelMatch6.6rc5
OR
linuxlinux_kernelMatch6.6rc6
Node
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linuxMatch9.0

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0

Percentile

5.1%