AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2023-33119: Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

highvulnerability

security

Source: NVD/CVE DatabaseMay 6, 2024CVE-2023-33119

Summary

CVE-2023-33119 is a memory corruption vulnerability that occurs when loading a virtual machine (VM, a simulated computer running inside another computer) from a signed VM image that is not coherent in the processor cache (the fast memory where a processor stores copies of data). The vulnerability is related to a TOCTOU race condition (a timing flaw where data can change between when it is checked and when it is used).

Vulnerability Details

CVSS Score

8.4(high)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-367 CWE-367

CAPEC (Attack Pattern)

CAPEC-27

Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-33119

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%