Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 921355 (CVE-2023-46837, XSA-447) - <app-emulation/xen-{4.16.6_pre2,4.17.3}: arm32: The cache may not be properly cleaned/invalidated
Summary: <app-emulation/xen-{4.16.6_pre2,4.17.3}: arm32: The cache may not be properly...
Alias: CVE-2023-46837, XSA-447
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: C4 [glsa?]
Keywords: PullRequest
Depends on: 922051
  Show dependency tree
Reported: 2024-01-04 12:08 UTC by Tomáš Mózes
Modified: 2024-02-12 02:18 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tomáš Mózes 2024-01-04 12:08:26 UTC


Arm provides multiple helpers to clean & invalidate the cache
for a given region.  This is, for instance, used when allocating
guest memory to ensure any writes (such as the ones during scrubbing)
have reached memory before handing over the page to a guest.

Unfortunately, the arithmetics in the helpers can overflow and would
then result to skip the cache cleaning/invalidation.  Therefore there
is no guarantee when all the writes will reach the memory.

This undefined behavior was meant to be addressed by XSA-437, but the
approach was not sufficient.


A malicious guest may be able to read sensitive data from memory that
previously belonged to another guest.


Systems running all version of Xen are affected.

Only systems running Xen on Arm 32-bit are vulnerable.  Xen on Arm 64-bit
is not affected.
Comment 1 Larry the Git Cow gentoo-dev 2024-01-09 08:53:37 UTC
The bug has been referenced in the following commit(s):

commit 1da2b08b738151d1c02a097dbb56313d371dd9c7
Author:     Tomáš Mózes <>
AuthorDate: 2024-01-08 16:35:11 +0000
Commit:     Florian Schmaus <>
CommitDate: 2024-01-09 08:52:43 +0000

    app-emulation/xen: add upstream patches
    Signed-off-by: Tomáš Mózes <>
    Signed-off-by: Florian Schmaus <>

 app-emulation/xen/Manifest               |   2 +
 app-emulation/xen/xen-4.16.6_pre2.ebuild | 174 ++++++++++++++++++++++++++++++
 app-emulation/xen/xen-4.17.3.ebuild      | 179 +++++++++++++++++++++++++++++++
 3 files changed, 355 insertions(+)