Unrated severityNVD Advisory· Published Jan 5, 2024· Updated Nov 4, 2025
arm32: The cache may not be properly cleaned/invalidated (take two)
CVE-2023-46837
Description
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest.
Unfortunately, the arithmetics in the helpers can overflow and would then result to skip the cache cleaning/invalidation. Therefore there is no guarantee when all the writes will reach the memory.
This undefined behavior was meant to be addressed by XSA-437, but the approach was not sufficient.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.