CVE-2023-34322
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-34322 is a vulnerability affecting Xen hypervisor where 64-bit PV guests run directly on the shadow of the guest root page table due to the use of shadow paging mode. The vulnerability arises when dealing with memory shortages in the shadow pool associated with a domain, which can result in the tearing down of shadows of page tables, including the shadow root page table. Although a precaution exists to prevent the underlying live page table from being torn down, the time window for this protection is not sufficient. This issue can potentially lead to unauthorized access or system instability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Xen
Affected Vendors
- Xen