PT-2023-2381 · Linux+8 · Linux Kernel+8

Reima Ishii

·

Published

2023-03-14

·

Updated

2025-03-19

·

CVE-2023-30456

CVSS v3.1

6.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.8
Description An issue was discovered in the Linux kernel related to the lack of consistency checks for CR0 and CR4 in nVMX on x86 64. This issue is associated with the function nested vmx check guest state() in the arch/x86/kvm/vmx/nested.c module of the KVM subsystem. Exploitation of this issue may allow an attacker to cause a denial of service in the guest operating system.
Recommendations For versions prior to 6.2.8, update to version 6.2.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of the nested vmx check guest state() function until a patch is available.

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-754CWE-399

Related Identifiers

ALSA-2023:7077
ALT-PU-2023-1495
ALT-PU-2023-1539
ALT-PU-2023-5488
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-26046
BDU:2023-02162
CESA-2023_6901
CESA-2023_7077
CVE-2023-30456
DLA-3403-1
DLA-3404-1
LSN-0096-1
MGASA-2023-0148
MGASA-2023-0149
OESA-2023-1250
OESA-2023-1251
OESA-2023-1252
OESA-2023-1253
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
RHSA-2023:6583
RHSA-2023:6901
RHSA-2023:7077
RHSA-2023_6583
RHSA-2023_6901
RHSA-2023_7077
RHSA-2024:0930
RHSA-2024:1404
SUSE-SU-2023:2500-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2653-1
SUSE-SU-2023:2782-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1
USN-6033-1
USN-6123-1
USN-6124-1
USN-6127-1
USN-6130-1
USN-6131-1
USN-6132-1
USN-6135-1
USN-6149-1
USN-6150-1
USN-6162-1
USN-6175-1
USN-6186-1
USN-6222-1
USN-6256-1
USN-6699-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu