CVE-2023-4155
CVSS v3.1: 5.6 (Medium)
EPSS: 0.04 % (10th)
Affected Products: 3
Advisories: 23
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (CONFIG_VMAP_STACK).
Weaknesses
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
- CVE Status: PUBLISHED
- CNA: Red Hat, Inc.
- Published Date: 2023-09-13 17:15:10 (12 months ago)
- Updated Date: 2023-11-07 04:22:11 (10 months ago)