CVE-2023-34321

2024-01-0517:15:08

Google

osv.dev

arm

cache cleaning

overflow

memory write

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for instance, used when allocating
guest memory to ensure any writes (such as the ones during scrubbing)
have reached memory before handing over the page to a guest.

Unfortunately, the arithmetics in the helpers can overflow and would
then result to skip the cache cleaning/invalidation. Therefore there
is no guarantee when all the writes will reach the memory.

CPENameOperatorVersion
xeneq4.15.1-r0
xeneq4.11.0-r0
xeneq4.14.5+24-g87d90d511c-1
xeneq4.3.0-r8
xeneq4.17.0+46-gaaf74a532c-1
xeneq4.0.1-r3
xeneq4.2.1-r1
xeneq4.16.4-r1
xeneq4.14.3+32-g9de3671772-1~deb11u1
xeneq4.14.4+74-gd7b22226b5-1

Name	Operator	Version
xen	eq	4.15.1-r0
xen	eq	4.11.0-r0
xen	eq	4.14.5+24-g87d90d511c-1
xen	eq	4.3.0-r8
xen	eq	4.17.0+46-gaaf74a532c-1
xen	eq	4.0.1-r3
xen	eq	4.2.1-r1
xen	eq	4.16.4-r1
xen	eq	4.14.3+32-g9de3671772-1~deb11u1
xen	eq	4.14.4+74-gd7b22226b5-1