Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-34327
HistoryJan 05, 2024 - 12:00 a.m.

CVE-2023-34327

2024-01-0500:00:00
ubuntu.com
ubuntu.com
12
amd cpus
x86 debugging
xen
guest state
denials of service

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

42.0%

[This CNA information record relates to multiple CVEs; the text explains
which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since
~2014 have extensions to normal x86 debugging functionality. Xen supports
guests using these extensions. Unfortunately there are errors in Xen’s
handling of the guest state, leading to denials of service. 1)
CVE-2023-34327 - An HVM vCPU can end up operating in the context of a
previous vCPUs debug mask state. 2) CVE-2023-34328 - A PV vCPU can place a
breakpoint over the live GDT. This allows the PV vCPU to exploit XSA-156 /
CVE-2015-8104 and lock up the CPU entirely.

Notes

Author Note
mdeslaur hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

42.0%