vulnerability
Debian: CVE-2023-34326: xen -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Jan 5, 2024 | Jul 30, 2024 | Aug 15, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Jan 5, 2024
Added
Jul 30, 2024
Modified
Aug 15, 2025
Description
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev
3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction
(see stale DMA mappings) if some fields of the DTE are updated but the IOMMU
TLB is not flushed.
Such stale DMA mappings can point to memory ranges not owned by the guest, thus
allowing access to unindented memory regions.
Solutions
debian-upgrade-xenno-fix-debian-deb-package
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.