DEBIAN-CVE-2023-30456

Advisory lineage Upstream: 1 Downstream: 2
Upstream
CVE-2023-30456
Published: 10 Apr 2023, 02:15
Last modified:28 Apr 2026, 20:26

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

10 Apr 2023, 02:15
Published
Vulnerability first disclosed
28 Apr 2026, 20:26
Last Modified
Vulnerability information updated

Description

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

CVSS Metrics

  • v3.1MEDIUMScore: 6.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Systems

  • debianlinux

    < 5.10.178-1 | < 6.1.25-1 | < 6.1.25-1 | < 6.1.25-1

References (1)