Unrated severityNVD Advisory· Published Jan 5, 2024· Updated Nov 4, 2025
x86/AMD: missing IOMMU TLB flushing
CVE-2023-34326
Description
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed.
Such stale DMA mappings can point to memory ranges not owned by the guest, thus allowing access to unindented memory regions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
31- osv-coords30 versionspkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/xen&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweedpkg:rpm/suse/xen&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/xen&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/xen&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/xen&distro=SUSE%20Manager%20Server%204.2
< 4.16.5_06-150400.4.37.1+ 29 more
- (no CPE)range: < 4.16.5_06-150400.4.37.1
- (no CPE)range: < 4.17.2_06-150500.3.12.1
- (no CPE)range: < 4.16.5_08-150400.4.40.1
- (no CPE)range: < 4.16.5_08-150400.4.40.1
- (no CPE)range: < 4.18.0_02-1.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.12.4_40-150100.3.95.1
- (no CPE)range: < 4.13.5_06-150200.3.80.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.16.5_06-150400.4.37.1
- (no CPE)range: < 4.16.5_06-150400.4.37.1
- (no CPE)range: < 4.17.2_06-150500.3.12.1
- (no CPE)range: < 4.16.5_06-150400.4.37.1
- (no CPE)range: < 4.17.2_06-150500.3.12.1
- (no CPE)range: < 4.16.5_06-150400.4.37.1
- (no CPE)range: < 4.17.2_06-150500.3.12.1
- (no CPE)range: < 4.12.4_40-3.97.1
- (no CPE)range: < 4.12.4_40-150100.3.95.1
- (no CPE)range: < 4.13.5_06-150200.3.80.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.12.4_40-3.97.1
- (no CPE)range: < 4.12.4_40-150100.3.95.1
- (no CPE)range: < 4.13.5_06-150200.3.80.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.12.4_40-3.97.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
- (no CPE)range: < 4.14.6_06-150300.3.57.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.