Lucene search
PRIOn knowledge basePRION:CVE-2023-46837HistoryJan 05, 2024 - 5:15 p.m.
Design/Logic Flaw
2024-01-0517:15:00
PRIOn knowledge base
www.prio-n.com
7
arm
cache cleaners
arithmetic overflow
memory inconsistencies
guest memory
xsa-437
undefined behavior
approach
nvd
Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for instance, used when allocating
guest memory to ensure any writes (such as the ones during scrubbing)
have reached memory before handing over the page to a guest.
Unfortunately, the arithmetics in the helpers can overflow and would
then result to skip the cache cleaning/invalidation. Therefore there
is no guarantee when all the writes will reach the memory.
This undefined behavior was meant to be addressed by XSA-437, but the
approach was not sufficient.
Related
nvd
nvd
CVE-2023-46837
2024-01-05 17:15:11
debiancve
debiancve
CVE-2023-46837
2024-01-05 17:15:11
veracode
veracode
Out-of-bounds Write
2024-01-30 17:14:26
cve
cve
CVE-2023-46837
2024-01-05 17:15:11
cvelist
cvelist
osv
osv
CVE-2023-46837
2024-01-05 17:15:11
ubuntucve
ubuntucve
CVE-2023-46837
2024-01-05 00:00:00
xen
xen
arm32: The cache may not be properly cleaned/invalidated (take two)
2023-12-12 12:00:00
nessus
nessus
Fedora 38 : xen (2024-4b2cf8c375)
2024-02-15 00:00:00
Fedora 39 : xen (2024-e527e6fd08)
2024-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: xen-4.17.2-6.fc38
2024-02-15 01:42:54
[SECURITY] Fedora 39 Update: xen-4.17.2-6.fc39
2024-02-15 01:00:14
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2024-e527e6fd08)
2024-02-15 00:00:00
Fedora: Security Advisory for xen (FEDORA-2024-4b2cf8c375)
2024-02-15 00:00:00