An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xen | Xen | 3.2.0 (including) | 4.12.0 (excluding) |
| Xen | Ubuntu | bionic | * |
| Xen | Ubuntu | focal | * |
| Xen | Ubuntu | groovy | * |
| Xen | Ubuntu | hirsute | * |
| Xen | Ubuntu | impish | * |
| Xen | Ubuntu | kinetic | * |
| Xen | Ubuntu | lunar | * |
| Xen | Ubuntu | mantic | * |
| Xen | Ubuntu | oracular | * |
| Xen | Ubuntu | plucky | * |
| Xen | Ubuntu | trusty | * |
| Xen | Ubuntu | xenial | * |
References
- http://www.openwall.com/lists/oss-security/2021/02/23/1
- http://xenbits.xen.org/xsa/advisory-366.html
- https://www.debian.org/security/2021/dsa-4888
- https://xenbits.xen.org/xsa/advisory-366.html
- http://www.openwall.com/lists/oss-security/2021/02/23/1
- http://xenbits.xen.org/xsa/advisory-366.html
- https://www.debian.org/security/2021/dsa-4888
- https://xenbits.xen.org/xsa/advisory-366.html