Multiple vulnerabilities in libfsimage disk handling
CVE-2023-34325

7.8HIGH

Key Information:

Vendor: Xen Project
Status: Xen
Vendor: CVE Published:; 5 January 2024

What is CVE-2023-34325?

A vulnerability has been identified in the libfsimage component, which is employed for filesystem parsing based on legacy grub code. This component is utilized by pygrub to analyze guest disk images while operating under privileged user conditions. An attacker with access to the system could exploit this flaw to execute a stack buffer overflow, which would compromise the integrity of the system. The Xen Security Team indicates that the running of libfsimage against guest-controlled input under superuser privileges presents substantial security risks. To remediate this issue without disrupting existing environments, patches are provided to run pygrub in a deprivileged mode.

Affected Version(s)

Xen consult Xen advisory XSA-443

References

https://xenbits.xenproject.org/xsa/advisory-443.html

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 5, 2024
Vulnerability Reserved
Jun 1, 2023

Credit

This issue was discovered by Ferdinand Nölscher of Google.

Xen Project

What is CVE-2023-34325?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit