{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T21:47:43.351","vulnerabilities":[{"cve":{"id":"CVE-2023-34321","sourceIdentifier":"security@xen.org","published":"2024-01-05T17:15:08.357","lastModified":"2025-11-04T20:16:30.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Arm provides multiple helpers to clean & invalidate the cache\nfor a given region.  This is, for instance, used when allocating\nguest memory to ensure any writes (such as the ones during scrubbing)\nhave reached memory before handing over the page to a guest.\n\nUnfortunately, the arithmetics in the helpers can overflow and would\nthen result to skip the cache cleaning/invalidation.  Therefore there\nis no guarantee when all the writes will reach the memory.\n"},{"lang":"es","value":"Arm proporciona múltiples ayudas para limpiar e invalidar el caché de una región determinada. Esto se utiliza, por ejemplo, al asignar memoria de invitado para garantizar que cualquier escritura (como las que se realizan durante la depuración) haya llegado a la memoria antes de entregar la página a un invitado. Desafortunadamente, la aritmética en los asistentes puede desbordarse y entonces se omitiría la limpieza/invalidación de la caché. Por lo tanto, no hay garantía de cuándo todas las escrituras llegarán a la memoria."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*","versionEndIncluding":"4.16","matchCriteriaId":"9E211AB0-41AD-40D0-AF03-D285F42C6163"}]}]}],"references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-437.html","source":"security@xen.org","tags":["Patch","Vendor Advisory"]},{"url":"http://xenbits.xen.org/xsa/advisory-437.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://xenbits.xenproject.org/xsa/advisory-437.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}