CVE-2023-30456: Improper Check for Unusual or Exceptional Conditions in Kernel

Severity
6.5 MEDIUM (NVD)
OSV 7.8 | OSV 7.1 | OSV 6.6 | OSV 5.5
EPSS
0.0%
top 96.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Apr 10
Latest update: Dec 9

Description

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 | Impact: 4.0

Affected Packages (10 packages)

NVD     linux/linux_kernel   < 6.2.8   +1
Debian  linux/linux_kernel   < 5.10.178-1   +3
Ubuntu  linux/linux_kernel   < 4.15.0-212.223   +8
debian  debian/linux         < linux 6.1.25-1 (bookworm)

Patches

🔴 Vulnerability Details (17)

OSV: linux vulnerabilities (2024-03-18)
OSV: linux-iot vulnerabilities (2023-07-27)
OSV: Kernel Live Patch Security Notice (2023-07-25)
OSV: linux-xilinx-zynqmp vulnerabilities (2023-07-12)
OSV: linux-intel-iotg-5.15 vulnerabilities (2023-06-14)

📋 Vendor Advisories (18)

Ubuntu: Linux kernel vulnerabilities (2024-03-18)
Ubuntu: Linux kernel (IoT) vulnerabilities (2023-07-27)
Ubuntu: Kernel Live Patch Security Notice (2023-07-25)
Ubuntu: Linux kernel (Xilinx ZynqMP) vulnerabilities (2023-07-12)
Ubuntu: Linux kernel vulnerabilities (2023-06-22)

📄 Research Papers (1)

arXiv: NecoFuzz: Effective Fuzzing of Nested Virtualization via Fuzz-Harness Virtual Machines (2025-12-09)

💬 Community (1)

Bugzilla: CVE-2023-30456 kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (2023-04-20)