CVE-2023-46838

Public on 2024-01-23
Modified on 2024-02-02
Description
A flaw has been found in Xen. An unprivileged guest can cause Denial of Service (DoS) of the host by sending network packets to the backend, causing the backend to crash.
Severity
Medium severity
Medium
CVSS v3 Base Score
6.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel No Fix Planned
Amazon Linux 2 - Core kernel 2024-05-23 ALAS2-2024-2549 Fixed
Amazon Linux 2 - Kernel-5.10 Extra kernel 2024-02-01 ALAS2KERNEL-5.10-2024-048 Fixed
Amazon Linux 2 - Kernel-5.15 Extra kernel 2024-02-01 ALAS2KERNEL-5.15-2024-036 Fixed
Amazon Linux 2 - Kernel-5.4 Extra kernel 2024-02-01 ALAS2KERNEL-5.4-2024-059 Fixed
Amazon Linux 2023 kernel 2024-02-01 ALAS2023-2024-510 Fixed
Amazon Linux 2023 kernel 2024-02-15 ALAS2023-2024-519 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
NVD CVSSv3 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H