Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-1998
HistoryApr 13, 2023 - 12:00 a.m.

CVE-2023-1998

2023-04-1300:00:00
ubuntu.com
ubuntu.com
252
linux
kernel
process mitigations
attacks
vms
cloud provider
spectre-bti mitigation

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.7%

JSON

The Linux kernel allows userspace processes to enable mitigations by
calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation
feature as well as by using seccomp. We had noticed that on VMs of at least
one major cloud provider, the kernel still left the victim process exposed
to attacks in some cases even after enabling the spectre-BTI mitigation
with prctl. The same behavior can be observed on a bare-metal machine when
forcing the mitigation to IBRS on boot command line. This happened because
when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic
that determined that STIBP was not needed. The IBRS bit implicitly protects
against cross-thread branch target injection. However, with legacy IBRS,
the IBRS bit was cleared on returning to userspace, due to performance
reasons, which disabled the implicit STIBP and left userspace threads
vulnerable to cross-thread branch target injection against which STIBP
protects.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-224.236UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-152.169UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-75.82UNKNOWN
ubuntu22.10noarchlinux< 5.19.0-45.46UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1167.180UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1104.112UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1038.43UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1027.28UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1038.43~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
Rows per page:
1-10 of 681

Related

redhatcve 1
debiancve 1
zdt 1
cbl_mariner 4
cve 1
cvelist 1
nvd 1
prion 1
nessus 52
exploitdb 1
osv 16
almalinux 3
redhat 13
rocky 1
oraclelinux 2
ubuntu 11
openvas 21
amazon 3
rosalinux 1
ibm 4
debian 2
redhatcve
redhatcve
CVE-2023-1998
2023-04-17 09:31:13
debiancve
debiancve
CVE-2023-1998
2023-04-21 15:15:07
zdt
zdt
Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit
2023-04-20 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-1998 affecting package kernel 5.10.179.1-1
2023-05-25 17:55:45
CVE-2023-1998 affecting package hyperv-daemons for versions less than 5.15.118.1-1
2023-08-03 02:51:21
CVE-2023-1998 affecting package hyperv-daemons 5.10.188.1-1
2023-08-15 16:37:27
cve
cve
CVE-2023-1998
2023-04-21 15:15:07
cvelist
cvelist
CVE-2023-1998 Spectre v2 SMT mitigations problem in Linux kernel
2023-04-21 14:51:52
nvd
nvd
CVE-2023-1998
2023-04-21 15:15:07
prion
prion
Cross site scripting
2023-04-21 15:15:00
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2023-1998)
2023-06-02 00:00:00
CentOS 9 : kernel-5.14.0-350.el9
2024-02-29 00:00:00
RHEL 9 : kernel-rt (RHSA-2023:4378)
2023-08-01 00:00:00
exploitdb
exploitdb
Linux Kernel 6.2 - Userspace Processes To Enable Mitigation
2023-04-20 00:00:00
osv
osv
Important: kernel-rt security and bug fix update
2023-08-08 12:34:53
Important: kernel-rt security and bug fix update
2023-08-01 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-08-01 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-08-01 00:00:00
Important: kernel-rt security and bug fix update
2023-08-01 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00
redhat
redhat
(RHSA-2023:4378) Important: kernel-rt security and bug fix update
2023-08-01 08:48:00
(RHSA-2023:4377) Important: kernel security, bug fix, and enhancement update
2023-08-01 08:47:02
(RHSA-2023:5603) Important: kernel-rt security and bug fix update
2023-10-10 14:20:32
rocky
rocky
kernel-rt security and bug fix update
2023-08-08 12:34:53
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-08-04 00:00:00
kernel security, bug fix, and enhancement update
2023-11-17 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-06-16 00:00:00
Linux kernel (Intel IoTG) vulnerabilities
2023-07-06 00:00:00
Linux kernel vulnerabilities
2023-06-22 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6207-1)
2023-07-07 00:00:00
Ubuntu: Security Advisory (USN-6185-1)
2023-06-23 00:00:00
Ubuntu: Security Advisory (USN-6172-1)
2023-06-19 00:00:00
amazon
amazon
Important: kernel
2023-03-17 16:34:00
Important: kernel
2023-03-17 15:53:00
Important: kernel
2023-03-17 16:34:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2189
2023-07-11 14:30:55
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel and Apache Axis can affect IBM Storage Protect Plus
2024-01-31 12:00:02
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management
2024-01-12 16:32:54
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2023-12-18 18:02:34
debian
debian
[SECURITY] [DLA 3404-1] linux-5.10 security update
2023-05-02 22:45:59
[SECURITY] [DLA 3403-1] linux security update
2023-05-03 12:01:28

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for UB:CVE-2023-1998
redhatcve1debiancve1zdt1cbl_mariner4cve1cvelist1nvd1prion1nessus52exploitdb1osv16almalinux3redhat13rocky1oraclelinux2ubuntu11openvas21amazon3rosalinux1ibm4debian2