CVE-2023-46842
PUBLISHED
Multiple vulnerabilities exist in Xen. These flaws exist in the HVM hypercalls and during the BTC/SRSO mitigations, due to improper error checking and a logic error. A local attacker can exploit these vulnerabilities to cause a denial-of-service condition.
EPSS 2.09% · 84.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Citrix Systems | Citrix Systems Hypervisor 8.2 Cumulative Update 1 | <Hotfix XS82ECU1062 |
| SUSE | SUSE Linux | |
| Citrix Systems | Citrix Systems XenServer 8 | |
| Fedora | Fedora Linux | |
| Open Source | Open Source Xen | <4.17.4 |
| Citrix Systems | Citrix Systems Hypervisor | |
| Citrix Systems | Citrix Systems Hypervisor | <=8.2 Cumulative Update 1 |
| Open Source | Open Source Xen | <4.15.6 |
| Open Source | Open Source Xen | <4.18.2 |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux | |
| Citrix Systems | Citrix Systems XenServer | |
| Citrix Systems | Citrix Systems Hypervisor | <=8.2 Cumulative Update 1 LTSR |
| Open Source | Open Source Xen | <4.16.6 |
Timeline
- Apr 9, 2024 CVE Published
- May 17, 2024 EPSS Score
- Jul 5, 2024 EPSS Score
- Aug 21, 2024 EPSS Score
- Sep 14, 2024 EPSS Score
- Nov 1, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Dec 26, 2024 CVE Updated
- Feb 5, 2025 EPSS Score
- Mar 24, 2025 EPSS Score
- Apr 30, 2025 PoC Published
- May 11, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0831.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0831 advisory
- https://xenbits.xen.org/xsa/advisory-454.html advisory
- https://xenbits.xen.org/xsa/advisory-455.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-4357ec611d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-a46df5ba2f advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-a676697123 advisory
- https://support.citrix.com/article/CTX588044/hotfix-xs82ecu1062-for-citrix-hypervisor-82-cumulative-update-1 advisory
- https://support.citrix.com/article/CTX633151 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-April/018345.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-April/018358.html advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EMA6GZ7SQAFZG4WQ2CYZR5CTCA4TCPW7/ advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-July/018989.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-July/018986.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-July/019067.html advisory
- https://security.gentoo.org/glsa/202409-10 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00252.html advisory