CVE-2018-14678
Description
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.081
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3931-1) linux-image-aws_4.15.0.1035.34_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-gcp_4.15.0.1029.31_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-kvm_4.15.0.1031.31_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-oem_4.15.0.1035.40_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-oracle_4.15.0.1010.13_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-generic_4.15.0.47.49_i386.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-generic_4.15.0.47.49_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-virtual_4.15.0.47.49_i386.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-virtual_4.15.0.47.49_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-lowlatency_4.15.0.47.49_i386.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-lowlatency_4.15.0.47.49_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-1029-gcp_4.15.0-1029.31_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-1031-kvm_4.15.0-1031.31_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-1035-aws_4.15.0-1035.37_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-1035-oem_4.15.0-1035.40_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-47-generic_4.15.0-47.50_i386.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-47-generic_4.15.0-47.50_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-1010-oracle_4.15.0-1010.12_amd64.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-47-lowlatency_4.15.0-47.50_i386.deb | Linux |
| Linux kernel (USN-3931-1) linux-image-4.15.0-47-lowlatency_4.15.0-47.50_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-gcp_4.15.0.1029.43_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-gke_4.15.0.1029.43_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-oem_4.15.0.47.68_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-azure_4.15.0.1041.45_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-oracle_4.15.0.1010.4_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-1029-gcp_4.15.0-1029.31~16.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-1035-aws_4.15.0-1035.37~16.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-1041-azure_4.15.0-1041.45_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-1041-azure_4.15.0-1041.45~14.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-47-generic_4.15.0-47.50~16.04.1_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-47-generic_4.15.0-47.50~16.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-generic-hwe-16.04_4.15.0.47.68_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-generic-hwe-16.04_4.15.0.47.68_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-virtual-hwe-16.04_4.15.0.47.68_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-virtual-hwe-16.04_4.15.0.47.68_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-1010-oracle_4.15.0-1010.12~16.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-47-lowlatency_4.15.0-47.50~16.04.1_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-4.15.0-47-lowlatency_4.15.0-47.50~16.04.1_amd64.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-lowlatency-hwe-16.04_4.15.0.47.68_i386.deb | Linux |
| Linux kernel for Amazon Web Services (AWS-HWE) systems (USN-3931-2) linux-image-lowlatency-hwe-16.04_4.15.0.47.68_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234