CVE-2023-46840 - Vulnerability Details - OpenCVE

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fedoraproject	Fedora
Xen	Xen

Configuration 1 [-]

cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://xenbits.xen.org/xsa/advisory-450.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/
https://xenbits.xenproject.org/xsa/advisory-450.html

History

Tue, 13 Jan 2026 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fedoraproject Fedoraproject fedora
Weaknesses		CWE-670
CPEs		cpe:2.3:o:fedoraproject:fedora:39:::::::* cpe:2.3:o:xen:xen:::::::x86:*
Vendors & Products		Fedoraproject Fedoraproject fedora

Tue, 04 Nov 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		http://xenbits.xen.org/xsa/advisory-450.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/

Mon, 04 Nov 2024 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 4.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: XEN

Published: 2024-03-20T10:40:18.050Z

Updated: 2025-11-04T18:18:56.351Z

Reserved: 2023-10-27T07:55:35.333Z

Link: CVE-2023-46840

Vulnrichment

Updated: 2025-11-04T18:18:56.351Z

NVD

Status : Analyzed

Published: 2024-03-20T11:15:08.180

Modified: 2026-01-13T14:50:49.260

Link: CVE-2023-46840

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-46840", "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "state": "PUBLISHED", "assignerShortName": "XEN", "dateReserved": "2023-10-27T07:55:35.333Z", "datePublished": "2024-03-20T10:40:18.050Z", "dateUpdated": "2025-11-04T18:18:56.351Z"}, "containers": {"cna": {"title": "VT-d: Failure to quarantine devices in !HVM builds", "datePublic": "2024-01-30T12:00:00.000Z", "descriptions": [{"lang": "en", "value": "Incorrect placement of a preprocessor directive in source code results\nin logic that doesn't operate as intended when support for HVM guests is\ncompiled out of Xen.\n"}], "impacts": [{"descriptions": [{"lang": "en", "value": "When a device is removed from a domain, it is not properly quarantined\nand retains its access to the domain to which it was previously\nassigned.\n"}]}], "affected": [{"defaultStatus": "unknown", "product": "Xen", "vendor": "Xen", "versions": [{"status": "unknown", "version": "consult Xen advisory XSA-450"}]}], "configurations": [{"lang": "en", "value": "Xen 4.17 and onwards are vulnerable. Xen 4.16 and older are not\nvulnerable.\n\nOnly Xen running on x86 platforms with an Intel-compatible VT-d IOMMU is\nvulnerable. Platforms from other manufacturers, or platforms without a\nVT-d IOMMU are not vulnerable.\n\nOnly systems where PCI devices are passed through to untrusted or\nsemi-trusted guests are vulnerable. Systems which do not assign PCI\ndevices to untrusted guests are not vulnerable.\n\nXen is only vulnerable when CONFIG_HVM is disabled at build time. Most\ndeployments of Xen are expected to have CONFIG_HVM enabled at build\ntime, and would therefore not be vulnerable.\n"}], "workarounds": [{"lang": "en", "value": "There is no mitigation.\n"}], "credits": [{"lang": "en", "type": "finder", "value": "This issue was discovered by Teddy Astie of Vates\n"}], "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-450.html"}], "providerMetadata": {"orgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "shortName": "XEN", "dateUpdated": "2024-03-20T10:40:18.050Z"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-450.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/"}, {"url": "http://xenbits.xen.org/xsa/advisory-450.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:18:56.351Z"}}, {"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-05T18:59:02.763689Z", "id": "CVE-2023-46840", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-04T21:39:44.430Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-450.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/"}, {"url": "http://xenbits.xen.org/xsa/advisory-450.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T18:18:56.351Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-46840", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-05T18:59:02.763689Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-05T18:59:07.632Z"}}], "cna": {"title": "VT-d: Failure to quarantine devices in !HVM builds", "credits": [{"lang": "en", "type": "finder", "value": "This issue was discovered by Teddy Astie of Vates\n"}], "impacts": [{"descriptions": [{"lang": "en", "value": "When a device is removed from a domain, it is not properly quarantined\nand retains its access to the domain to which it was previously\nassigned.\n"}]}], "affected": [{"vendor": "Xen", "product": "Xen", "versions": [{"status": "unknown", "version": "consult Xen advisory XSA-450"}], "defaultStatus": "unknown"}], "datePublic": "2024-01-30T12:00:00.000Z", "references": [{"url": "https://xenbits.xenproject.org/xsa/advisory-450.html"}], "workarounds": [{"lang": "en", "value": "There is no mitigation.\n"}], "descriptions": [{"lang": "en", "value": "Incorrect placement of a preprocessor directive in source code results\nin logic that doesn't operate as intended when support for HVM guests is\ncompiled out of Xen.\n"}], "configurations": [{"lang": "en", "value": "Xen 4.17 and onwards are vulnerable. Xen 4.16 and older are not\nvulnerable.\n\nOnly Xen running on x86 platforms with an Intel-compatible VT-d IOMMU is\nvulnerable. Platforms from other manufacturers, or platforms without a\nVT-d IOMMU are not vulnerable.\n\nOnly systems where PCI devices are passed through to untrusted or\nsemi-trusted guests are vulnerable. Systems which do not assign PCI\ndevices to untrusted guests are not vulnerable.\n\nXen is only vulnerable when CONFIG_HVM is disabled at build time. Most\ndeployments of Xen are expected to have CONFIG_HVM enabled at build\ntime, and would therefore not be vulnerable.\n"}], "providerMetadata": {"orgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "shortName": "XEN", "dateUpdated": "2024-03-20T10:40:18.050Z"}}}, "cveMetadata": {"cveId": "CVE-2023-46840", "state": "PUBLISHED", "dateUpdated": "2025-11-04T18:18:56.351Z", "dateReserved": "2023-10-27T07:55:35.333Z", "assignerOrgId": "23aa2041-22e1-471f-9209-9b7396fa234f", "datePublished": "2024-03-20T10:40:18.050Z", "assignerShortName": "XEN"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:*", "matchCriteriaId": "1B149544-81AE-4439-B77E-F4C973187511", "versionStartIncluding": "4.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect placement of a preprocessor directive in source code results\nin logic that doesn't operate as intended when support for HVM guests is\ncompiled out of Xen.\n"}, {"lang": "es", "value": "La ubicaci\u00f3n incorrecta de una directiva de preprocesador en el c\u00f3digo fuente da como resultado una l\u00f3gica que no funciona como se espera cuando el soporte para invitados HVM se compila desde Xen."}], "id": "CVE-2023-46840", "lastModified": "2026-01-13T14:50:49.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-20T11:15:08.180", "references": [{"source": "security@xen.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-450.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://xenbits.xen.org/xsa/advisory-450.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XLL6SQ6IKFYXLYWITYZCRV5IBRK5G35R/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://xenbits.xenproject.org/xsa/advisory-450.html"}], "sourceIdentifier": "security@xen.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "nvd@nist.gov", "type": "Primary"}]}