UBUNTU-CVE-2023-46842

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2023-46842

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-46842.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-46842

Related

CVE-2023-46842

Published

2024-05-16T14:15:00Z

Modified

2024-05-16T14:15:00Z

Summary

[none]

Details

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a considerable amount of time, the hypervisor may choose to invoke a hypercall continuation. Doing so involves putting (perhaps updated) hypercall arguments in respective registers. For guests not running in 64-bit mode this further involves a certain amount of translation of the values. Unfortunately internal sanity checking of these translated values assumes high halves of registers to always be clear when invoking a hypercall. When this is found not to be the case, it triggers a consistency check in the hypervisor and causes a crash.

References

Affected packages

Ubuntu:Pro:16.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.5.1-0ubuntu1

4.5.1-0ubuntu2

4.6.0-1ubuntu1

4.6.0-1ubuntu2

4.6.0-1ubuntu4

4.6.0-1ubuntu4.1

4.6.0-1ubuntu4.2

4.6.0-1ubuntu4.3

4.6.5-0ubuntu1

4.6.5-0ubuntu1.1

4.6.5-0ubuntu1.2

4.6.5-0ubuntu1.4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.9.0-0ubuntu3

4.9.0-0ubuntu4

4.9.2-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.9.2-0ubuntu2

4.9.2-0ubuntu6

4.9.2-0ubuntu7

4.11.3+24-g14b62ab3e5-1ubuntu1

4.11.3+24-g14b62ab3e5-1ubuntu2

4.11.3+24-g14b62ab3e5-1ubuntu2.2

4.11.3+24-g14b62ab3e5-1ubuntu2.3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.11.4+24-gddaaccbbab-1ubuntu2

4.16.0-1~ubuntu2

4.16.0-1~ubuntu2.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / xen

Package

Name: xen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.17.2-1

4.17.2+55-g0b56bed864-1

4.17.2+76-ge1f9cb16e2-1

4.17.2+76-ge1f9cb16e2-1ubuntu1

4.17.3+10-g091466ba55-1

4.17.3+10-g091466ba55-1.1ubuntu2

4.17.3+10-g091466ba55-1.1ubuntu3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}