Xen: x86/AMD: Mismatch in IOMMU Quarantine Page Table Levels (XSA-445)

The current setup of quarantine page tables assumes that there are 4 page table levels, however the AMD-Vi IOMMU is configured with 3 page table levels for systems without RAM above the 512 GB boundary. Due to this level mismatch, the sink page the device gets read/write access to is no longer...

Memory Integrity Loss

amd64-microcode AMD CPU microcode patches is vulnerable to Memory Integrity Loss. The vulnerability is caused due to Improper or Unexpected behavior of the INVD instruction in some AMD CPUs. It can allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU...

AMD CPU Instruction Malpractice Vulnerability

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from an improper instruction vulnerability that stems from the fact that incorrect or unexpected behavior of the INVD instruction would allow an attacker with a malicious hypervisor to affect the cache line write-back behavior of the CPU...

Citrix Releases Security Updates for Citrix Hypervisor

Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Hypervisor Security Bulletin for...

SUSE CVE-2023-20519

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity...

Vulnerabilities fixed in Citrix Hypervisor

Citrix has released an update to fix vulnerabilities in Citrix hypervisor. The vulnerability with reference CVE-2023-23583 allows a local malicious party to use a virtual guest system to compromise the host system via PCI passthrough. This vulnerability is only present when the vulnerable product...

Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835

Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to compromise an AMD-based host via a passed through PCI device CVE-2023-46835. In addition, Intel has disclosed a security issue affecting certain...

CVE-2023-20592

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity. Mitigation...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

DEBIAN-CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20519

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity...

CVE-2023-20519

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity...

Input validation

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

Design/Logic Flaw

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity...

UBUNTU-CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20592

CVE-2023-20592 covers AMD CPUs where improper behavior of the INVD instruction could let a malicious hypervisor affect cache line write-back and potentially compromise guest VM memory integrity. Public documents in the connected set describe the issue across multiple IBM Power HMC/LINUX-firmware ...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20519

A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity...