Debian update for xen



Risk: Medium
Patch available: Yes
Number of vulnerabilities: 12
CVE-ID: CVE-2023-28746, CVE-2023-46841, CVE-2023-46842, CVE-2024-2193, CVE-2024-2201, CVE-2024-31142, CVE-2024-31143, CVE-2024-31145, CVE-2024-31146, CVE-2024-45817, CVE-2024-45818, CVE-2024-45819
CWE-ID: CWE-200, CWE-399, CWE-20, CWE-362, CWE-1037, CWE-843, CWE-667, CWE-388, CWE-833, CWE-401
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
Debian Linux (Operating systems & Components / Operating system)
xen (Debian package) (Operating systems & Components / Operating system package or component)
Vendor: Debian

Security Bulletin

This security bulletin contains information about 12 vulnerabilities. All of them are fixed in the same Debian package version, 4.17.5+23-ga4e5191dc0-1. Because the hypervisor is loaded at boot, the host must be rebooted into the updated Xen for the fixes to take effect; updating the package alone leaves the old hypervisor running.

1) Information disclosure

EUVDB-ID: #VU87457

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-28746

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Register File Data Sampling (RFDS) on some Intel Atom processors: stale data from register files can be exposed through microarchitectural state after transient execution. A local user, including code running in a guest, can gain access to sensitive information.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU86860

Risk: Medium

CVSSv4.0: 5.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Green]

CVE-ID: CVE-2023-46841

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack against the host.

The vulnerability exists due to incorrect handling of CET Shadow Stacks (CET-SS) in Xen. On x86 hosts where CET-SS is enabled, an unprivileged guest can crash the hypervisor, causing a denial of service (DoS) of the entire host. Hosts without CET-SS support, or with it disabled, are not affected.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU88228

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-46842

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of register values when invoking a hypercall. A malicious HVM or PVH guest can pass specially crafted input to the hypervisor and perform a denial of service (DoS) attack.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Race condition

EUVDB-ID: #VU87374

Risk: Low

CVSSv4.0: 7.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear]

CVE-ID: CVE-2024-2193

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a speculative race condition. A local user can exploit the race and gain unauthorized access to contents of arbitrary host memory, including memory assigned to other guests.

The vulnerability was dubbed GhostRace.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU88374

Risk: Medium

CVSSv4.0: 7.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Green]

CVE-ID: CVE-2024-2201

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to native branch history injection on x86 systems. A malicious guest can infer the contents of arbitrary host memory, including memory assigned to other guests and compromise the affected system.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Type confusion

EUVDB-ID: #VU88372

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-31142

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to a logical error in Xen's implementation of the mitigations for the following Branch Type Confusion (BTC) and Speculative Return Stack Overflow (SRSO) vulnerabilities on AMD and Hygon processors:

#VU65219 (CVE-2022-23816)
#VU65204 (CVE-2022-23825)
#VU65205 (CVE-2022-29900)
#VU79263 (CVE-2023-20569)

Because the mitigations can silently remain unapplied, the host stays exposed to those issues: a malicious guest can gain access to sensitive information and escalate privileges on the system.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper locking

EUVDB-ID: #VU94499

Risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:U/U:Green]

CVE-ID: CVE-2024-31143

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service (DoS) attack.

The vulnerability exists due to a double unlock in Xen's x86 guest IRQ handling. An optional PCI MSI feature called "Multiple Message" lets a device use multiple consecutive interrupt vectors; an error path in Xen's handling of such multi-vector MSI releases a lock twice. A buggy or malicious guest with such a device passed through to it can trigger that path and crash the hypervisor.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper error handling

EUVDB-ID: #VU96006

Risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-31145

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improper error handling in x86 IOMMU identity mapping. A malicious guest can access memory regions related to other guests or the hypervisor.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Resource management error

EUVDB-ID: #VU96007

Risk: Medium

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-31146

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to improper management of shared resources when using PCI pass-through. A malicious guest can escalate privileges on the system.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Deadlock

EUVDB-ID: #VU97680

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45817

CWE-ID: CWE-833 - Deadlock

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to a deadlock within the vlapic_error() function. A buggy or malicious HVM or PVH guest can deadlock Xen and perform a denial of service attack.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper locking

EUVDB-ID: #VU100325

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-45818

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a malicious guest to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to improper locking in standard VGA implementation. A malicious guest can cause a deadlock and perform a denial of service attack against the entire host.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory leak

EUVDB-ID: #VU100327

Risk: Medium

CVSSv4.0: 5.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-45819

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a malicious guest to gain access to sensitive information.

The vulnerability exists due to a data leak in libxl in the way it builds ACPI tables for PVH guests. A malicious guest can access sensitive information pertaining to the host, control domain, or other guests.

Mitigation

Update xen package to version 4.17.5+23-ga4e5191dc0-1.

Vulnerable software versions

Debian Linux: All versions

xen (Debian package): before 4.17.5+23-ga4e5191dc0-1

External links

http://lists.debian.org/debian-security-announce/2024/msg00252.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
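Every entry above has the same mitigation: the Debian xen package must be at version 4.17.5+23-ga4e5191dc0-1 or later. As an added example (not part of the Debian advisory or of the Xen project's own code), the following Python script checks whether the xen-related packages installed on a host meet that bar. It re-implements dpkg's version ordering (epoch, upstream version, Debian revision, with "~" sorting before everything) rather than shelling out to dpkg, so the comparison logic can be read and tested on any machine; the dpkg-query invocation, the package-name globs `xen*` and `libxen*`, and the sample dpkg-query output are assumptions constructed here for illustration.

```python
"""Check whether installed Debian xen packages are at or above the fixed version.

Added example, not part of the Debian advisory. The version comparison follows
the dpkg algorithm; the sample dpkg-query output below is constructed, not
captured from a real host.
"""
import subprocess
import sys

FIXED_VERSION = "4.17.5+23-ga4e5191dc0-1"  # fixed version named in the advisory


def _isdigit(c):
    return "0" <= c <= "9"


def _order(c):
    """Sort weight of one character in a non-digit run (dpkg's order()):
    end of string and digits are 0, '~' sorts before the end, letters sort by
    ASCII value, and every other character sorts after all letters."""
    if c == "" or _isdigit(c):
        return 0
    if c == "~":
        return -1
    if "a" <= c <= "z" or "A" <= c <= "Z":
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a, b):
    """Compare two upstream_version or debian_revision strings like dpkg does:
    alternate non-digit runs (character weights) and digit runs (numeric)."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not _isdigit(a[i])) or (j < len(b) and not _isdigit(b[j])):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":   # leading zeros are insignificant
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and _isdigit(a[i]) and j < len(b) and _isdigit(b[j]):
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and _isdigit(a[i]):   # longer digit run is the bigger number
            return 1
        if j < len(b) and _isdigit(b[j]):
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(version):
    """Split '[epoch:]upstream[-debian_revision]' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as `dpkg --compare-versions` would order a and b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return 1 if ea > eb else -1
    for x, y in ((ua, ub), (ra, rb)):
        r = _verrevcmp(x, y)
        if r:
            return 1 if r > 0 else -1
    return 0


def is_fixed(installed, fixed=FIXED_VERSION):
    return compare_versions(installed, fixed) >= 0


def affected_packages(dpkg_query_output, fixed=FIXED_VERSION):
    """Parse lines of `dpkg-query -W -f='${Package} ${Version} ${Status}\\n'` and
    return the names of installed packages whose version is below `fixed`.
    Packages that are removed but still have config files are skipped."""
    affected = []
    for line in dpkg_query_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        name, version, status = fields[0], fields[1], fields[2:]
        if status[-1] == "installed" and not is_fixed(version, fixed):
            affected.append(name)
    return sorted(affected)


# Constructed sample (assumed package names and an assumed older version string).
SAMPLE_DPKG_OUTPUT = """\
xen-hypervisor-4.17-amd64 4.17.3+36-g54dacb5c02-1 install ok installed
xen-utils-4.17 4.17.3+36-g54dacb5c02-1 install ok installed
xen-hypervisor-common 4.17.5+23-ga4e5191dc0-1 install ok installed
libxenmisc4.17 4.17.3+36-g54dacb5c02-1 deinstall ok config-files
"""

if __name__ == "__main__":
    try:   # live dpkg data when available, the constructed sample otherwise
        out = subprocess.run(
            ["dpkg-query", "-W", "-f=${Package} ${Version} ${Status}\n", "xen*", "libxen*"],
            capture_output=True, text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        print("dpkg-query unavailable; evaluating constructed sample", file=sys.stderr)
        out = SAMPLE_DPKG_OUTPUT
    for pkg in affected_packages(out):
        print("VULNERABLE:", pkg)
```

On a Debian host the single-package equivalent is `dpkg --compare-versions "$(dpkg-query -W -f='${Version}' xen-hypervisor-4.17-amd64)" ge 4.17.5+23-ga4e5191dc0-1`. Two caveats the version check cannot cover: a version with an epoch (for example `1:...`) compares greater regardless of the upstream number, which is correct dpkg behaviour but worth recognising when reading results, and a package at the fixed version says nothing about which hypervisor is running; after the update the host must be rebooted, and `xl info` reports the Xen that is actually loaded.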
