Protecting Against Return Oriented Programming Attacks with CET-SS
CVE-2023-46841

6.5 MEDIUM

Key Information:

CVE Published: 20 March 2024

What is CVE-2023-46841?

A vulnerability in the Xen hypervisor arises from the interaction between Control-flow Enforcement Technology (CET) and its Shadow Stacks sub-feature. Shadow Stacks defend against Return Oriented Programming attacks by maintaining a separate stack, not writable by ordinary memory stores, that holds only return addresses. An issue has been identified where certain memory accesses that must be intercepted for correct operation are not intercepted, resulting in a faulty emulation path that replays the instruction. The flaw occurs during recovery: a call frame is removed from the conventional stack without the corresponding entry being removed from the shadow stack, so the two stacks fall out of sync and the integrity of return addresses can be compromised.

Affected Version(s)

Xen: consult Xen advisory XSA-451

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Credit

This issue was discovered by Jan Beulich of SUSE.