CVE-2023-46842

2024-05-1600:00:00

ubuntu.com

cve-2023-46842

x86

hvm

hypercalls

xen

bug check

hypervisor

universe

binary

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and
other modes. This in particular means that they may set registers used to
pass 32-bit-mode hypercall arguments to values outside of the range 32-bit
code would be able to set them to. When processing of hypercalls takes a
considerable amount of time, the hypervisor may choose to invoke a
hypercall continuation. Doing so involves putting (perhaps updated)
hypercall arguments in respective registers. For guests not running in
64-bit mode this further involves a certain amount of translation of the
values. Unfortunately internal sanity checking of these translated values
assumes high halves of registers to always be clear when invoking a
hypercall. When this is found not to be the case, it triggers a consistency
check in the hypervisor and causes a crash.

Notes

Author	Note
mdeslaur	hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchxen< anyUNKNOWN
ubuntu20.04noarchxen< anyUNKNOWN
ubuntu22.04noarchxen< anyUNKNOWN
ubuntu23.10noarchxen< anyUNKNOWN
ubuntu24.04noarchxen< anyUNKNOWN
ubuntu16.04noarchxen< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	xen	< any	UNKNOWN
ubuntu	20.04	noarch	xen	< any	UNKNOWN
ubuntu	22.04	noarch	xen	< any	UNKNOWN
ubuntu	23.10	noarch	xen	< any	UNKNOWN
ubuntu	24.04	noarch	xen	< any	UNKNOWN
ubuntu	16.04	noarch	xen	< any	UNKNOWN