{"id":"CVE-2023-34327","details":"\n[This CNA information record relates to multiple CVEs; the\ntext explains which aspects/vulnerabilities correspond to which CVE.]\n\nAMD CPUs since ~2014 have extensions to normal x86 debugging functionality.\nXen supports guests using these extensions.\n\nUnfortunately there are errors in Xen's handling of the guest state, leading\nto denials of service.\n\n 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of\n    a previous vCPUs debug mask state.\n\n 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT.\n    This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock\n    up the CPU entirely.\n","modified":"2026-03-13T07:38:16.092025Z","published":"2024-01-05T17:15:08.683Z","related":["SUSE-SU-2023:4054-1","SUSE-SU-2023:4055-1","SUSE-SU-2023:4174-1","SUSE-SU-2023:4183-1","SUSE-SU-2023:4184-1","SUSE-SU-2023:4185-1","SUSE-SU-2023:4475-1","SUSE-SU-2023:4476-1","openSUSE-SU-2024:13442-1"],"references":[{"type":"ADVISORY","url":"http://xenbits.xen.org/xsa/advisory-444.html"},{"type":"FIX","url":"https://xenbits.xenproject.org/xsa/advisory-444.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.5.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-34327.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}