Lucene search

[email protected]NVD:CVE-2023-5090

HistoryNov 06, 2023 - 11:15 a.m.

CVE-2023-5090

2023-11-0611:15:09

CWE-755

[email protected]

web.nvd.nist.gov

kvm

x2apic

denial of service

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤6.5

linuxlinux_kernelMatch6.6rc1

linuxlinux_kernelMatch6.6rc2

linuxlinux_kernelMatch6.6rc3

linuxlinux_kernelMatch6.6rc4

linuxlinux_kernelMatch6.6rc5

linuxlinux_kernelMatch6.6rc6

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linuxMatch9.0

References

access.redhat.com/errata/RHSA-2024:3854

access.redhat.com/errata/RHSA-2024:3855

access.redhat.com/security/cve/CVE-2023-5090

bugzilla.redhat.com/show_bug.cgi?id=2248122

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-5090

redhatcve1 prion1 ubuntucve1 cvelist1 debiancve1 cve1 cbl_mariner1 openvas11 nessus16 osv8 ubuntu9 photon1 oraclelinux4 mageia2