CVE-2023-46839
- EPSS 0.81%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 13.01.2026 15:03:22
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding reques...
CVE-2023-46840
- EPSS 0.26%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 13.01.2026 14:50:49
Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen.
CVE-2023-46841
- EPSS 0.27%
- Veröffentlicht 20.03.2024 11:15:08
- Zuletzt bearbeitet 04.11.2025 19:16:05
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, tradit...
CVE-2024-2193
- EPSS 1.23%
- Veröffentlicht 15.03.2024 18:15:08
- Zuletzt bearbeitet 15.04.2026 00:35:42
A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data ...
CVE-2023-46835
- EPSS 0.28%
- Veröffentlicht 05.01.2024 17:15:11
- Zuletzt bearbeitet 04.11.2025 20:17:10
The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-...
CVE-2023-46836
- EPSS 0.25%
- Veröffentlicht 05.01.2024 17:15:11
- Zuletzt bearbeitet 04.11.2025 20:17:10
The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPT...
CVE-2023-46837
- EPSS 0.24%
- Veröffentlicht 05.01.2024 17:15:11
- Zuletzt bearbeitet 04.11.2025 19:16:04
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a...
CVE-2023-34321
- EPSS 0.26%
- Veröffentlicht 05.01.2024 17:15:08
- Zuletzt bearbeitet 04.11.2025 20:16:30
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a...
CVE-2023-34322
- EPSS 0.23%
- Veröffentlicht 05.01.2024 17:15:08
- Zuletzt bearbeitet 04.11.2025 20:16:30
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tab...
CVE-2023-34323
- EPSS 0.26%
- Veröffentlicht 05.01.2024 17:15:08
- Zuletzt bearbeitet 04.11.2025 20:16:30
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunat...