PT-2024-6307 · Xen+3
Manuel Andreas · Published 2024-04-09 · Updated 2025-04-30
CVE-2023-46842
CVSS v3.1: 6.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Xen (affected versions not specified)
Description
The issue is related to the x86 HVM hypercall handler in the Xen hypervisor. HVM guests can switch freely between 64-bit and other modes, which allows them to set the registers used to pass 32-bit-mode hypercall arguments to values outside the range that 32-bit code would be able to set. When processing of a hypercall takes a considerable amount of time, the hypervisor may choose to invoke a hypercall continuation, which involves putting updated hypercall arguments in the respective registers. For guests not running in 64-bit mode, this further involves a certain amount of translation of the values. Unfortunately, internal sanity checking of these translated values assumes the high halves of registers to always be clear when invoking a hypercall. When this is found not to be the case, it triggers a consistency check in the hypervisor and causes a crash. An HVM or PVH guest can cause a hypervisor crash, resulting in a Denial of Service (DoS) of the entire host.
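The following C model is an added example, not Xen source and not part of the original advisory; it shows the high-half assumption described above failing on guest-controlled 64-bit register values, next to an entry-time normalisation that removes the assumption. All names (`model_regs`, `create_continuation`, `truncate_args_on_entry`) and the sample register values are constructed for illustration, and the normalisation step is an assumed hardening, not a fix stated on this page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NR_ARGS 6                       /* simplified model, not Xen source */
struct model_regs { uint64_t arg[NR_ARGS]; };

/* The assumption from the description: outside 64-bit mode, the high half
 * of every hypercall argument register is clear. */
static bool high_halves_clear(const struct model_regs *r)
{
    for (int i = 0; i < NR_ARGS; i++)
        if (r->arg[i] >> 32)
            return false;
    return true;
}

/* Assumed hardening: at entry from a non-64-bit guest keep only the low
 * 32 bits, the only part 32-bit code could have set. */
static void truncate_args_on_entry(struct model_regs *r)
{
    for (int i = 0; i < NR_ARGS; i++)
        r->arg[i] = (uint32_t)r->arg[i];
}

/* Continuation model: returns false where the consistency check would fire
 * (the host crash case), otherwise stores the updated 32-bit arguments. */
static bool create_continuation(struct model_regs *r, const uint32_t *updated,
                                bool normalise_on_entry)
{
    if (normalise_on_entry)
        truncate_args_on_entry(r);
    if (!high_halves_clear(r))
        return false;
    for (int i = 0; i < NR_ARGS; i++)
        r->arg[i] = updated[i];
    return true;
}

/* Constructed sample: arg[2] has bits set above bit 31. */
static const struct model_regs SAMPLE = { { 1, 2, 0x100000003ULL, 4, 5, 6 } };

int main(void)
{
    const uint32_t upd[NR_ARGS] = { 10, 20, 30, 40, 50, 60 };
    struct model_regs a = SAMPLE, b = SAMPLE;
    printf("unchecked entry ok:  %d\n", create_continuation(&a, upd, false));
    printf("normalised entry ok: %d\n", create_continuation(&b, upd, true));
}
```

The design point is that a consistency check on guest-controlled state should be an enforced precondition at the trust boundary, not an assumption verified later with a fatal assertion.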
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Type Confusion
Improper Resource Release
Related Identifiers
Affected Products
Debian
Red Os
Suse
Xen