CVE-2023-46837

{"id": "CVE-2023-46837", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-01-05T17:15:11.247", "references": [{"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/JFVKWYQFRUU3CAS53THTUKXEOUDWI42G/", "source": "[email protected]"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/", "source": "[email protected]"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-447.html", "tags": ["Patch", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://xenbits.xen.org/xsa/advisory-447.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/JFVKWYQFRUU3CAS53THTUKXEOUDWI42G/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://xenbits.xenproject.org/xsa/advisory-447.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Arm provides multiple helpers to clean & invalidate the cache\nfor a given region. This is, for instance, used when allocating\nguest memory to ensure any writes (such as the ones during scrubbing)\nhave reached memory before handing over the page to a guest.\n\nUnfortunately, the arithmetics in the helpers can overflow and would\nthen result to skip the cache cleaning/invalidation. Therefore there\nis no guarantee when all the writes will reach the memory.\n\nThis undefined behavior was meant to be addressed by XSA-437, but the\napproach was not sufficient."}, {"lang": "es", "value": "Arm proporciona m\u00faltiples ayudas para limpiar e invalidar el cach\u00e9 de una regi\u00f3n determinada. Esto se utiliza, por ejemplo, al asignar memoria de invitado para garantizar que cualquier escritura (como las que se realizan durante la limpieza) haya alcanzado la memoria antes de entregar la p\u00e1gina a un invitado. Desafortunadamente, la aritm\u00e9tica en los asistentes puede desbordarse y entonces se omitir\u00eda la limpieza/invalidaci\u00f3n de la cach\u00e9. Por lo tanto, no hay garant\u00eda de cu\u00e1ndo todas las escrituras llegar\u00e1n a la memoria. Este comportamiento indefinido deb\u00eda ser abordado por XSA-437, pero el enfoque no fue suficiente."}], "lastModified": "2025-11-04T19:16:04.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "vulnerable": true, "matchCriteriaId": "9E211AB0-41AD-40D0-AF03-D285F42C6163", "versionEndIncluding": "4.16"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}