6

CVE-2023-5090

Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 6.5
LinuxLinux Kernel Version6.6 Updaterc1
LinuxLinux Kernel Version6.6 Updaterc2
LinuxLinux Kernel Version6.6 Updaterc3
LinuxLinux Kernel Version6.6 Updaterc4
LinuxLinux Kernel Version6.6 Updaterc5
LinuxLinux Kernel Version6.6 Updaterc6
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.139
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
secalert@redhat.com 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

https://access.redhat.com/errata/RHSA-2024:2758
https://access.redhat.com/errata/RHSA-2024:3854
https://access.redhat.com/errata/RHSA-2024:3855
https://access.redhat.com/errata/RHSA-2024:4211
https://access.redhat.com/errata/RHSA-2024:4352
https://access.redhat.com/security/cve/CVE-2023-5090
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2248122
Patch
Issue Tracking