PT-2023-4323 · Linux+8 · Linux Kernel+8

Mauro Matteo Cascella · Published 2023-08-04 · Updated 2023-11-29 · CVE-2023-4155

CVSS v3.1: 5.6 Medium

Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (CONFIG_VMAP_STACK).

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Race Condition

Time Of Check To Time Of Use

Weakness Enumeration

Related Identifiers

ALSA-2023:7077
ALT-PU-2023-5060
AZL-29700
BDU:2023-04658
CESA-2023_6901
CESA-2023_7077
CVE-2023-4155
DSA-5492-1
MGASA-2023-0295
MGASA-2023-0296
MGASA-2023-0328
MGASA-2023-0331
OPENSUSE-SU-2023_4035-1
OPENSUSE-SU-2023_4057-1
OPENSUSE-SU-2023_4058-1
OPENSUSE-SU-2023_4071-1
OPENSUSE-SU-2023_4072-1
OPENSUSE-SU-2023_4072-2
RHSA-2023:6583
RHSA-2023:6901
RHSA-2023:7077
RHSA-2023_6583
RHSA-2023_6901
RHSA-2023_7077
RHSA-2024:3859
RHSA-2024:4740
SUSE-SU-2023:4035-1
SUSE-SU-2023:4057-1
SUSE-SU-2023:4058-1
SUSE-SU-2023:4071-1
SUSE-SU-2023:4072-1
SUSE-SU-2023:4072-2
SUSE-SU-2023:4093-1
USN-6343-1
USN-6412-1
USN-6416-1
USN-6416-2
USN-6416-3
USN-6445-1
USN-6445-2
USN-6466-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
SUSE
Ubuntu