CVE-2023-46841: Fedora vulnerability

6 documents, 5 sources
Severity: 6.5 MEDIUM (NVD)
EPSS: 0.1% (top 79.95%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 20

Description

Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses are accompanied by so called "shadow stacks", holding little more than return addresses. Shadow stacks aren't writable by normal instructions, and upon function returns their contents are used to che

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 | Impact: 4.0

Affected Packages (3 packages)

Alpine: xen/xen < 4.16.5-r7 +7
Debian: xen/xen < 4.17.5+23-ga4e5191dc0-1 +2
NVD: xen/xen

Also affects: Fedora 40

Vulnerability Details (4)

GHSA (2024-03-20): GHSA-mxh6-2xpg-m77w: Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET)
OSV (2024-03-20): CVE-2023-46841: Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET)
OSV (2024-03-20): CVE-2023-46841: Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET)
CVEList (2024-03-20): x86: shadow stack vs exceptions from emulation stubs

Vendor Advisories (1)

Debian (2023): CVE-2023-46841: xen - Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (C...
CVE-2023-46841 — Fedoraproject Fedora vulnerability | cvebase