Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-34328
HistoryJan 05, 2024 - 12:00 a.m.

CVE-2023-34328

2024-01-0500:00:00
ubuntu.com
ubuntu.com
11
amd cpus
xen
debugging functionality
denials of service

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

42.0%

[This CNA information record relates to multiple CVEs; the text explains
which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since
~2014 have extensions to normal x86 debugging functionality. Xen supports
guests using these extensions. Unfortunately there are errors in Xen’s
handling of the guest state, leading to denials of service. 1)
CVE-2023-34327 - An HVM vCPU can end up operating in the context of a
previous vCPUs debug mask state. 2) CVE-2023-34328 - A PV vCPU can place a
breakpoint over the live GDT. This allows the PV vCPU to exploit XSA-156 /
CVE-2015-8104 and lock up the CPU entirely.

Notes

Author Note
mdeslaur hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

42.0%