Alpine: xen: security update to 4.16.5-r7

medium Tenable Self-Hosted Container Security Plugin ID 408319

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- Information exposure through microarchitectural state after transient execution from some register files
for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information
disclosure via local access. (CVE-2023-28746)

- Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this
are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented
Programming attacks. When enabled, traditional stacks holding both data and return addresses are
accompanied by so called "shadow stacks", holding little more than return addresses. Shadow stacks aren't
writable by normal instructions, and upon function returns their contents are used to check for possible
manipulation of a return address coming from the traditional stack. In particular certain memory accesses
need intercepting by Xen. In various cases the necessary emulation involves kind of replaying of the
instruction. Such replaying typically involves filling and then invoking of a stub. Such a replayed
instruction may raise an exceptions, which is expected and dealt with accordingly. Unfortunately the
interaction of both of the above wasn't right: Recovery involves removal of a call frame from the
(traditional) stack. The counterpart of this operation for the shadow stack was missing. (CVE-2023-46841)

- A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting
speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit
this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative
executable code paths. (CVE-2024-2193)

See Also

https://security.alpinelinux.org/vuln/CVE-2023-28746

https://security.alpinelinux.org/vuln/CVE-2023-46841

https://security.alpinelinux.org/vuln/CVE-2024-2193

Plugin Details

Severity: Medium

ID: 408319

Version: Revision 1.14

Type: Local

Published: 3/19/2024

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: High

Score: 7.1

Percentile: 98.47

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-28746

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2023-28746, CVE-2023-46841, CVE-2024-2193

IAVB: 2023-B-0090-S