PT-2023-6555 · Kvm+9 · Kvm+9

Mauro Matteo Cascella

Publicado

2023-09-28

Atualizado

2024-12-19

CVE-2023-5090

CVSS v3.1

6.0

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions KVM (affected versions not specified)

Description A flaw was found in KVM, related to an improper check in the svm set x2apic msr interception() function. This may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. The issue is associated with an incorrect sequence of actions when switching to xapic mode.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Handling of Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-703CWE-755CWE-399

Identificadores relacionados

ALSA-2024:2758

ALSA-2024:4211

ALSA-2024:4352

ALT-PU-2024-14046

ALT-PU-2024-6818

AZL-31943

BDU:2023-07317

CESA-2024_4211

CESA-2024_4352

CVE-2023-5090

INFSA-2024_2758

INFSA-2024_4211

INFSA-2024_4352

MGASA-2023-0328

MGASA-2023-0331

RHSA-2024:2758

RHSA-2024:3854

RHSA-2024:3855

RHSA-2024:4211

RHSA-2024:4352

RHSA-2024_2758

RHSA-2024_4211

RHSA-2024_4352

RLSA-2024:4211

RLSA-2024:4352

RXSA-2024:4211

USN-6497-1

USN-6502-1

USN-6502-2

USN-6502-3

USN-6502-4

USN-6503-1

USN-6520-1

USN-6537-1

USN-6572-1

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Kvm

Linuxmint

Red Hat

Red Os

Rocky Linux

Ubuntu

PT-2023-6555 · Kvm+9 · Kvm+9

CVE-2023-5090

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 297