CVE-2023-0045

CVSS v3.1 7.5 (High)
EPSS 0.22% (61st percentile)

The current implementation of the prctl syscall does not issue an IBPB (Indirect Branch Prediction Barrier) immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR in the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected into the BTB (Branch Target Buffer) prior to the prctl syscall. The patch that added support for the conditional mitigation via prctl (ib_prctl_set) dates back to kernel 4.9.176.

We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96.
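
An added example, not part of the advisory or the kernel source: a task opting in to the per-task indirect-branch mitigation through prctl and reading back the state the kernel reports. The helper names are hypothetical; the PR_* constants are the ones defined in linux/prctl.h.

```c
#include <stdio.h>
#include <sys/prctl.h>

/* Fallbacks for older userspace headers; values match linux/prctl.h. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_PRCTL   (1UL << 0)
#define PR_SPEC_ENABLE  (1UL << 1)
#define PR_SPEC_DISABLE (1UL << 2)
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif
#ifndef PR_SPEC_FORCE_DISABLE
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif

/* Decode a PR_GET_SPECULATION_CTRL return value (negative means error). */
static int task_can_opt_in(long v) { return v > 0 && (v & PR_SPEC_PRCTL) != 0; }
static int speculation_restricted(long v)
{
    return v > 0 && (v & (PR_SPEC_DISABLE | PR_SPEC_FORCE_DISABLE)) != 0;
}

/* Hypothetical helper: request the per-task mitigation, return the new state. */
static long restrict_indirect_branches(void)
{
    long v = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    if (task_can_opt_in(v) && !speculation_restricted(v)) {
        /* This call reaches ib_prctl_set. On kernels before the fix the task
         * flag is set here, but the IBPB waits for the next schedule. */
        if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH,
                  PR_SPEC_DISABLE, 0, 0) != 0)
            return -1;
        v = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    }
    return v;
}

int main(void)
{
    long v = restrict_indirect_branches();
    if (v < 0) { perror("prctl"); return 1; }
    printf("task-controlled=%d restricted=%d (raw 0x%lx)\n",
           task_can_opt_in(v), speculation_restricted(v), (unsigned long)v);
    return 0;
}
```

A "restricted" result only shows that the task flag is set; on a kernel in the affected ranges it does not mean branch predictor state from before the call has been flushed.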

Weaknesses: CWE-610 (Externally Controlled Reference to a Resource in Another Sphere)
CVE Status: PUBLISHED
CNA: Google Inc.
Published Date: 2023-04-25 23:15:09
Updated Date: 2023-08-11 19:53:56

Affected Products


Configuration #1

  Product       CPE23                         From        Up To
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.16.68  < 3.17
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.4.180  < 4.5
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.9.176  < 4.10
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.14.86  < 4.14.303
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.19.7   < 4.19.270
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.20     < 5.4.229
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 5.5.0    < 5.10.163
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 5.11     < 5.15.87
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 5.16     < 6.0.19
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 6.1      < 6.1.5

Configuration #2

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

    CPE23 From Up To
  Netapp Active Iq Unified Manager for Vmware Vsphere cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere

Configuration #4

AND
    CPE23 From Up To
OR  
  Netapp H300s Firmware cpe:2.3:o:netapp:h300s_firmware:-
OR  
  Running on/with
  Netapp H300s cpe:2.3:h:netapp:h300s:-

Configuration #5

AND
    CPE23 From Up To
OR  
  Netapp H500s Firmware cpe:2.3:o:netapp:h500s_firmware:-
OR  
  Running on/with
  Netapp H500s cpe:2.3:h:netapp:h500s:-

Configuration #6

AND
    CPE23 From Up To
OR  
  Netapp H700s Firmware cpe:2.3:o:netapp:h700s_firmware:-
OR  
  Running on/with
  Netapp H700s cpe:2.3:h:netapp:h700s:-

Configuration #7

AND
    CPE23 From Up To
OR  
  Netapp H410s Firmware cpe:2.3:o:netapp:h410s_firmware:-
OR  
  Running on/with
  Netapp H410s cpe:2.3:h:netapp:h410s:-

Configuration #8

AND
    CPE23 From Up To
OR  
  Netapp H410c Firmware cpe:2.3:o:netapp:h410c_firmware:-
OR  
  Running on/with
  Netapp H410c cpe:2.3:h:netapp:h410c:-