CVE-2023-46837

2024-01-0517:15:11

CWE-119

[email protected]

web.nvd.nist.gov

arm

cache

cleaning

invalidation

overflow

undefined behavior

xsa-437

nvd

cve-2023-46837

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.9 Low

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for instance, used when allocating
guest memory to ensure any writes (such as the ones during scrubbing)
have reached memory before handing over the page to a guest.

Unfortunately, the arithmetics in the helpers can overflow and would
then result to skip the cache cleaning/invalidation. Therefore there
is no guarantee when all the writes will reach the memory.

This undefined behavior was meant to be addressed by XSA-437, but the
approach was not sufficient.

Affected configurations

NVD

Node

xenxenRange≤4.16x86

CPENameOperatorVersion
xen:xenxenle4.16

CPE	Name	Operator	Version
xen:xen	xen	le	4.16

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "Xen",
    "vendor": "Xen",
    "versions": [
      {
        "status": "unknown",
        "version": "consult Xen advisory XSA-447"
      }
    ]
  }
]