CVE-2023-36427
Hyper-V / NT Kernel -- arbitrary physical memory corruption via Intel HFI MSR abuse
Summary
| Field | Value |
|---|---|
| Driver | ntoskrnl.exe (Hyper-V root partition) |
| Vulnerability Class | Arbitrary Memory Corruption |
| Exploited ITW | No |
| CVSS | 7.0 |
Root Cause
On systems running Hyper-V, the Windows kernel in the root partition manages most of the physical hardware on behalf of the hypervisor. Among the hardware interfaces it handles are Intel's Hardware Feedback Interface (HFI) MSRs, which let the OS receive per-core performance and efficiency data from the CPU. Two MSRs are central to HFI: IA32_HW_FEEDBACK_PTR, which tells the CPU the physical address at which to write its hardware feedback table (bit 0 is a Valid flag, the upper bits hold a 4 KiB-aligned physical address), and IA32_HW_FEEDBACK_CONFIG, which enables or disables the feedback mechanism.
The vulnerability is that writes to these MSRs from the root partition reached the hardware without any validation of the target physical address. An attacker running kernel-mode code in the root partition (reachable from an administrator account) could set IA32_HW_FEEDBACK_PTR to point at any physical page, then enable feedback via IA32_HW_FEEDBACK_CONFIG. The CPU would then write its hardware feedback table directly to the chosen physical address.
The critical detail is that this write is performed by the processor itself, not by software, so it bypasses the EPT (Extended Page Table) protections that Hyper-V uses to isolate memory between partitions. The address in IA32_HW_FEEDBACK_PTR is used as a host physical address and is never translated through the hypervisor's second-level page tables. A normal store from the root partition to a hypervisor-owned page would fault because that page is absent from the root partition's EPT mapping; the HFI write lands regardless. The attacker can therefore corrupt physical pages belonging to the hypervisor itself, to guest partitions, or to any other region the hypervisor intended to keep out of the root partition's reach.
Discovered by tandasat (Satoshi Tanda), who published a full report and a working exploit on GitHub.
Exploitation
An attacker with kernel-mode code execution in the Hyper-V root partition first identifies the physical address of a target page. This could be a page holding hypervisor data structures, a guest partition's memory, or hypervisor code. The attacker then writes the target physical address (with the Valid bit set) to IA32_HW_FEEDBACK_PTR via wrmsr, which is available to any ring-0 code in the root partition, and enables feedback by writing IA32_HW_FEEDBACK_CONFIG.
The CPU writes its hardware feedback table to the chosen address, overwriting whatever was there. The attacker controls where the write goes but not what is written: the contents are the CPU's own feedback table, with a fixed layout and size, so this is a structured overwrite rather than a write-what-where primitive. Depending on what is clobbered, the impact ranges from guest VM denial of service to hypervisor compromise or guest escape, and the exploit has to be built around the fixed shape of the data the CPU emits.
The attack requires admin-to-kernel in the root partition as a prerequisite. Microsoft does not treat admin-to-kernel as a security boundary, so the boundary that matters here is the crossing from the root partition's kernel to the hypervisor, which is precisely what EPT is supposed to prevent.
Patch Analysis
The fix restricts what the root partition may write to the HFI MSRs. The value placed in IA32_HW_FEEDBACK_PTR is now validated so that the table lands within the expected feedback buffer, a pre-allocated, known-safe physical range; attempts to point it at arbitrary physical addresses are blocked. The general lesson for any hypervisor is the same: an MSR that names a physical address the processor will write to must be intercepted and its value checked against memory the guest is allowed to touch, not passed through.
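The following is an added, user-space model of the two-step sequence from the Exploitation section and of the kind of check described in the Patch Analysis; it is written for this write-up and is not Hyper-V's code or tandasat's exploit. The MSR indices (17D0H and 17D1H) and the Valid/Enable bit positions are taken from the Intel SDM; the per-vCPU state, the buffer bounds, the 46-bit physical address width, and the "hypervisor page" at 0x7ff00000 are all constructed for the example. The checked handler goes a little beyond the page by also rejecting reserved bits and refusing to enable feedback before a validated pointer is installed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* MSR indices and bit layout per Intel SDM Vol. 4. Everything else in this file is a
 * model written for this write-up, not hypervisor code. */
#define MSR_IA32_HW_FEEDBACK_PTR    0x17D0u
#define MSR_IA32_HW_FEEDBACK_CONFIG 0x17D1u
#define HFI_PTR_VALID               (1ull << 0)   /* bit 0 of IA32_HW_FEEDBACK_PTR */
#define HFI_CONFIG_ENABLE           (1ull << 0)   /* bit 0 of IA32_HW_FEEDBACK_CONFIG */
#define PAGE_SIZE_4K                0x1000ull

/* Hypothetical per-vCPU state kept by the MSR intercept handler. */
typedef struct {
    unsigned maxphyaddr;   /* physical address width, CPUID.80000008H:EAX[7:0] */
    uint64_t table_bytes;  /* HFI table size; assumed one 4 KiB page here */
    uint64_t buf_base;     /* physical base of the pre-allocated feedback buffer */
    uint64_t buf_size;     /* its size in bytes */
    uint64_t ptr_msr;      /* value the CPU would hold in IA32_HW_FEEDBACK_PTR */
    uint64_t config_msr;   /* value the CPU would hold in IA32_HW_FEEDBACK_CONFIG */
} hfi_state;

typedef enum { WRMSR_OK = 0, WRMSR_GP = 1 } wrmsr_result;

/* Bits [MAXPHYADDR-1:12] of the PTR MSR carry the table's physical address. */
static uint64_t hfi_addr_mask(unsigned maxphyaddr)
{
    return ((1ull << maxphyaddr) - 1) & ~(PAGE_SIZE_4K - 1);
}

/* Pre-patch behaviour as the page describes it: the root partition's write reaches
 * the MSR with no check on the address, so the CPU will write wherever it points. */
wrmsr_result hfi_wrmsr_unchecked(hfi_state *s, uint32_t msr, uint64_t val)
{
    switch (msr) {
    case MSR_IA32_HW_FEEDBACK_PTR:    s->ptr_msr = val;    return WRMSR_OK;
    case MSR_IA32_HW_FEEDBACK_CONFIG: s->config_msr = val; return WRMSR_OK;
    default:                          return WRMSR_GP;
    }
}

/* Post-patch style check: no reserved bits, and when Valid is set the whole table
 * [pa, pa + table_bytes) must fall inside the known-safe feedback buffer. */
wrmsr_result hfi_wrmsr_checked(hfi_state *s, uint32_t msr, uint64_t val)
{
    if (msr == MSR_IA32_HW_FEEDBACK_CONFIG) {
        /* Refuse to enable feedback unless a validated pointer is already installed. */
        if ((val & HFI_CONFIG_ENABLE) && !(s->ptr_msr & HFI_PTR_VALID))
            return WRMSR_GP;
        s->config_msr = val;
        return WRMSR_OK;
    }
    if (msr != MSR_IA32_HW_FEEDBACK_PTR)
        return WRMSR_GP;

    uint64_t mask = hfi_addr_mask(s->maxphyaddr);
    if (val & ~(mask | HFI_PTR_VALID))          /* reserved bits set */
        return WRMSR_GP;
    if (val & HFI_PTR_VALID) {
        uint64_t pa = val & mask, end;
        if (__builtin_add_overflow(pa, s->table_bytes, &end))
            return WRMSR_GP;
        if (pa < s->buf_base || end > s->buf_base + s->buf_size)
            return WRMSR_GP;                    /* table would leave the buffer */
    }
    s->ptr_msr = val;
    return WRMSR_OK;
}

/* The attacker's sequence: point the table at target_pa, then enable feedback.
 * Returns true if feedback ended up enabled with the table at the chosen page. */
bool hfi_attack(hfi_state *s, wrmsr_result (*wrmsr)(hfi_state *, uint32_t, uint64_t),
                uint64_t target_pa)
{
    uint64_t page = target_pa & ~(PAGE_SIZE_4K - 1);
    if (wrmsr(s, MSR_IA32_HW_FEEDBACK_PTR, page | HFI_PTR_VALID) != WRMSR_OK)
        return false;
    if (wrmsr(s, MSR_IA32_HW_FEEDBACK_CONFIG, HFI_CONFIG_ENABLE) != WRMSR_OK)
        return false;
    return (s->config_msr & HFI_CONFIG_ENABLE) &&
           (s->ptr_msr & hfi_addr_mask(s->maxphyaddr)) == page;
}

/* Constructed sample: 46-bit physical addresses, one-page table, a 64 KiB feedback
 * buffer at 0x10000000. The "hypervisor page" 0x7ff00000 used below is made up. */
hfi_state hfi_sample_state(void)
{
    hfi_state s = { .maxphyaddr = 46, .table_bytes = PAGE_SIZE_4K,
                    .buf_base = 0x10000000ull, .buf_size = 0x10000ull };
    return s;
}

int main(void)
{
    hfi_state a = hfi_sample_state(), b = hfi_sample_state();
    printf("unchecked handler: attack on 0x7ff00000 %s\n",
           hfi_attack(&a, hfi_wrmsr_unchecked, 0x7ff00000ull) ? "succeeds" : "fails");
    printf("checked handler:   attack on 0x7ff00000 %s\n",
           hfi_attack(&b, hfi_wrmsr_checked, 0x7ff00000ull) ? "succeeds" : "fails");
    printf("checked handler:   in-buffer pointer %s\n",
           hfi_wrmsr_checked(&b, MSR_IA32_HW_FEEDBACK_PTR, 0x10001000ull | HFI_PTR_VALID) == WRMSR_OK
               ? "accepted" : "rejected");
    return 0;
}
```

The bounds check is done on the whole table, not just its first byte, so a pointer to the last page of the buffer is accepted while one page further is rejected; the overflow-checked addition matters because a crafted address near the top of the physical range could otherwise wrap and pass a naive `pa + size <= end` test.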
Broader Significance
CVE-2023-36427 demonstrates a subtle but powerful attack class: abusing hardware interfaces to bypass software-enforced memory isolation. EPT is the foundation of Hyper-V's security model, but HFI writes operate below EPT because they are CPU-initiated physical memory accesses that the hypervisor never sees. This is not a side channel; it is a direct write that simply does not pass through the layer doing the enforcement. The MSR interface in general is a rich attack surface for hypervisor escapes, because a number of MSRs carry physical addresses the processor will later read or write on its own (IA32_HW_FEEDBACK_PTR here; Intel PT's IA32_RTIT_OUTPUT_BASE is another), and any such MSR that a hypervisor passes through to a guest without validating the address is a candidate for the same bypass.