GHSA-v75r-qqcp-59c7
GitHub Security Advisory
⚠ Unreviewed
LOW
Has CVE
Advisory Details
Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for instance, used when allocating
guest memory to ensure any writes (such as the ones during scrubbing)
have reached memory before handing over the page to a guest.
Unfortunately, the arithmetics in the helpers can overflow and would
then result to skip the cache cleaning/invalidation. Therefore there
is no guarantee when all the writes will reach the memory.
This undefined behavior was meant to be addressed by XSA-437, but the
approach was not sufficient.
Related CVEs
Key Information
2.5
/10
Dataset
Last updated: September 12, 2025 6:34 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.