{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-46837","assignerOrgId":"23aa2041-22e1-471f-9209-9b7396fa234f","state":"PUBLISHED","assignerShortName":"XEN","dateReserved":"2023-10-27T07:55:35.332Z","datePublished":"2024-01-05T16:36:10.881Z","dateUpdated":"2025-11-04T18:18:50.284Z"},"containers":{"cna":{"title":"arm32: The cache may not be properly cleaned/invalidated (take two)","datePublic":"2023-12-12T12:00:00.000Z","descriptions":[{"lang":"en","value":"Arm provides multiple helpers to clean & invalidate the cache\nfor a given region.  This is, for instance, used when allocating\nguest memory to ensure any writes (such as the ones during scrubbing)\nhave reached memory before handing over the page to a guest.\n\nUnfortunately, the arithmetic in the helpers can overflow and would\nthen result in skipping the cache cleaning/invalidation.  Therefore there\nis no guarantee when all the writes will reach the memory.\n\nThis undefined behavior was meant to be addressed by XSA-437, but the\napproach was not sufficient."}],"impacts":[{"descriptions":[{"lang":"en","value":"A malicious guest may be able to read sensitive data from memory that\npreviously belonged to another guest."}]}],"affected":[{"defaultStatus":"unknown","product":"Xen","vendor":"Xen","versions":[{"status":"unknown","version":"consult Xen advisory XSA-447"}]}],"configurations":[{"lang":"en","value":"Systems running all versions of Xen are affected.\n\nOnly systems running Xen on Arm 32-bit are vulnerable.  
Xen on Arm 64-bit\nis not affected."}],"workarounds":[{"lang":"en","value":"There is no known mitigation."}],"credits":[{"lang":"en","type":"finder","value":"This issue was discovered by Michal Orzel from AMD."}],"references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-447.html"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JFVKWYQFRUU3CAS53THTUKXEOUDWI42G/"}],"providerMetadata":{"orgId":"23aa2041-22e1-471f-9209-9b7396fa234f","shortName":"XEN","dateUpdated":"2024-02-15T02:05:59.441Z"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-447.html","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JFVKWYQFRUU3CAS53THTUKXEOUDWI42G/","tags":["x_transferred"]},{"url":"http://xenbits.xen.org/xsa/advisory-447.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T18:18:50.284Z"}},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory 
Buffer"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":3.3,"attackVector":"LOCAL","baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"LOW","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-02-01T20:11:12.746031Z","id":"CVE-2023-46837","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-16T19:35:47.025Z"}}]}}