{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T16:43:27.844","vulnerabilities":[{"cve":{"id":"CVE-2023-34322","sourceIdentifier":"security@xen.org","published":"2024-01-05T17:15:08.447","lastModified":"2025-11-04T20:16:30.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"For migration as well as to work around kernels unaware of L1TF (see\nXSA-273), PV guests may be run in shadow paging mode.  Since Xen itself\nneeds to be mapped when PV guests run, Xen and shadowed PV guests run\ndirectly the respective shadow page tables.  For 64-bit PV guests this\nmeans running on the shadow of the guest root page table.\n\nIn the course of dealing with shortage of memory in the shadow pool\nassociated with a domain, shadows of page tables may be torn down.  This\ntearing down may include the shadow root page table that the CPU in\nquestion is presently running on.  While a precaution exists to\nsupposedly prevent the tearing down of the underlying live page table,\nthe time window covered by that precaution isn't large enough.\n"},{"lang":"es","value":"Para la migración, así como para evitar kernels que no conocen L1TF (consulte XSA-273), los invitados PV pueden ejecutarse en modo de página oculta. Dado que el propio Xen debe mapearse cuando se ejecutan las maquinas PV de invitado, Xen y las shadowed PV de invitado ejecutan directamente las respectivas tablas de páginas ocultas. Para invitados PV de 64 bits, esto significa ejecutar en la shadow de la tabla de página raíz del invitado. Al tratar con la escasez de memoria en el shadow pool asociado con un dominio, es posible que se eliminen las tablas de páginas de shadows. Esta eliminación puede incluir la shadow de la tabla de página raíz en la que se está ejecutando actualmente la CPU en cuestión. Si bien existe una precaución para supuestamente evitar la eliminación de la tabla de las páginas activas subyacente, el período de tiempo cubierto por esa precaución no es lo suficientemente grande."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-273"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-273"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*","versionStartIncluding":"3.2.0","versionEndExcluding":"4.15.0","matchCriteriaId":"4E4B3C8C-CD2C-4F4F-8F8F-8E1B769333E7"}]}]}],"references":[{"url":"https://xenbits.xenproject.org/xsa/advisory-438.html","source":"security@xen.org","tags":["Vendor Advisory"]},{"url":"http://xenbits.xen.org/xsa/advisory-438.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://xenbits.xenproject.org/xsa/advisory-438.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}