Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-34324

Published: 05/01/2024 Updated: 11/01/2024
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Xen

Vulnerability Summary

An issue exists in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. (CVE-2023-31085) A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. (CVE-2023-34324) ipv4: fix null-deref in ipv4_link_failure NOTE: www.openwall.com/lists/oss-security/2023/10/02/8NOTE: git.kernel.org/linus/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c (6.6-rc3) (CVE-2023-42754)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xen xen -

linux linux kernel

Vendor Advisories

Amazon Linux AMI: ALAS-2023-1883
A race condition between two functions, lmLogClose() and txEnd(), in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash (CVE-2023-3397) A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests (CVE-2023-34324) A heap out-of-bounds write vulnerability in th ...
Amazon Linux 2: ALASKERNEL-5.15-2023-029
A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests (CVE-2023-34324) ...
Amazon Linux 2: ALASKERNEL-5.4-2023-055
An issue was discovered in drivers/mtd/ubi/cdevc in the Linux kernel 62 There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0 (CVE-2023-31085) A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests (CVE-2023-3432 ...
Amazon Linux 2: ALAS2-2023-2328
A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests (CVE-2023-34324) ...
Amazon Linux 2: ALASKERNEL-5.10-2023-042
An issue was discovered in drivers/mtd/ubi/cdevc in the Linux kernel 62 There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0 (CVE-2023-31085) A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests (CVE-2023-3432 ...
Citrix Security Bulletins: Citrix Hypervisor Multiple Security Updates
Description of Problem Several issues have been discovered that affect Citrix Hypervisor 82 CU1 LTSR and may allow malicious privileged code in a guest VM to:i)  Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326ii)  Compromise the host when a specific administrative action is taken (see Mitigating Factors below ...

References

CWE-400https://xenbits.xenproject.org/xsa/advisory-441.htmlhttps://lists.debian.org/debian-lts-announce/2024/01/msg00004.htmlhttps://lists.debian.org/debian-lts-announce/2024/01/msg00005.htmlhttps://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2023-1883.htmlhttps://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2023-055.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook