CVE-2023-34322: 
NixOS vulnerability analysis and mitigation

CVE-2023-34322 is a vulnerability in Xen's shadow paging mode implementation that affects 64-bit PV guests. The vulnerability was discovered by Tim Deegan and Jan Beulich of SUSE, and was publicly disclosed on September 19, 2023. The issue affects all Xen versions from at least 3.2 onwards on x86 systems, specifically impacting 64-bit PV guests running in shadow mode during migration or as a workaround for L1TF (Xen Advisory).

The vulnerability occurs when dealing with memory shortages in the shadow pool associated with a domain. When shadows of page tables are torn down, this may include the shadow root page table that the CPU is currently running on. Although a precaution exists to prevent the tearing down of the live page table, the time window covered by this precaution is insufficient. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The impact of this vulnerability is severe, as it can lead to privilege escalation, denial of service (DoS) affecting the entire host, and information leaks. The vulnerability is particularly concerning as it affects systems during guest migration or when implementing L1TF mitigations (Xen Advisory).

Several mitigation options are available: running only HVM or PVH guests will avoid the vulnerability entirely, and running PV guests in the PV shim will also prevent exploitation. For affected systems, patches have been released for various Xen versions (4.15.x through 4.17.x and unstable). System administrators are encouraged to apply the appropriate patch for their Xen version (Xen Advisory).