[Git][security-tracker-team/security-tracker][master] Add CVE-2023-46842/xen

Salvatore Bonaccorso (@carnil) Tue, 09 Apr 2024 08:47:14 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
daba9a7c by Salvatore Bonaccorso at 2024-04-09T17:45:33+02:00
Add CVE-2023-46842/xen

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19461,6 +19461,11 @@ CVE-2020-36772 (CloudLinux CageFS 7.0.8-2 or below 
insufficiently restricts file
        NOT-FOR-US: CloudLinux CageFS
 CVE-2020-36771 (CloudLinux CageFS 7.1.1-1 or below passes the authentication 
token as  ...)
        NOT-FOR-US: CloudLinux CageFS
+CVE-2023-46842 [x86 HVM hypercalls may trigger Xen bug check]
+       - xen <unfixed>
+       [bullseye] - xen <end-of-life> (EOLed in Bullseye)
+       [buster] - xen <not-affected> (Vulnerable code not present)
+       NOTE: https://xenbits.xen.org/xsa/advisory-454.html
 CVE-2023-46841 (Recent x86 CPUs offer functionality named Control-flow 
Enforcement Tec ...)
        - xen 4.17.3+36-g54dacb5c02-1
        [bookworm] - xen <postponed> (Minor issue, fix along in next DSA)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daba9a7cd793285cc49a4dcb9e27a0b3dd1e641b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daba9a7cd793285cc49a4dcb9e27a0b3dd1e641b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-46842/xen

Reply via email to