1. Home
  2. Vulnerabilities
  3. CVE-2023-4155

CVE-2023-4155

CVSS v3.1 5.6 (Medium)
56% Progress
EPSS 0.04 % (10th)
0.04% Progress
Affected Products 3
Advisories 23
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (CONFIG_VMAP_STACK).

Weaknesses
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2023-09-13 17:15:10
(12 months ago)
Updated Date
2023-11-07 04:22:11
(10 months ago)

Affected Products

Fedoraproject

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel cpe:2.3:o:linux:linux_kernel:-

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Linux 9.0 cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #3

    CPE23 From Up To
  Fedoraproject Fedora 37 cpe:2.3:o:fedoraproject:fedora:37
  Fedoraproject Fedora 38 cpe:2.3:o:fedoraproject:fedora:38