PT-2023-2381 · Linux+8 · Linux Kernel+8

Reima Ishii

·

Publicado

2023-03-14

·

Atualizado

2025-03-19

·

CVE-2023-30456

CVSS v3.1

6.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.8
Description An issue was discovered in the Linux kernel related to the lack of consistency checks for CR0 and CR4 in nVMX on x86 64. This issue is associated with the function nested vmx check guest state() in the arch/x86/kvm/vmx/nested.c module of the KVM subsystem. Exploitation of this issue may allow an attacker to cause a denial of service in the guest operating system.
Recommendations For versions prior to 6.2.8, update to version 6.2.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the nested vmx check guest state() function until a patch is available.

Correção

Improper Check for Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-754CWE-399

Identificadores relacionados

ALSA-2023:7077
ALT-PU-2023-1495
ALT-PU-2023-1539
ALT-PU-2023-5488
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-26046
BDU:2023-02162
CESA-2023_6901
CESA-2023_7077
CVE-2023-30456
DLA-3403-1
DLA-3404-1
LSN-0096-1
MGASA-2023-0148
MGASA-2023-0149
OESA-2023-1250
OESA-2023-1251
OESA-2023-1252
OESA-2023-1253
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
RHSA-2023:6583
RHSA-2023:6901
RHSA-2023:7077
RHSA-2023_6583
RHSA-2023_6901
RHSA-2023_7077
RHSA-2024:0930
RHSA-2024:1404
SUSE-SU-2023:2500-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2653-1
SUSE-SU-2023:2782-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1
USN-6033-1
USN-6123-1
USN-6124-1
USN-6127-1
USN-6130-1
USN-6131-1
USN-6132-1
USN-6135-1
USN-6149-1
USN-6150-1
USN-6162-1
USN-6175-1
USN-6186-1
USN-6222-1
USN-6256-1
USN-6699-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu