|Description||An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
|xen (PTS)||stretch (security), stretch||4.8.5.final+shim4.10.4-1+deb9u12||fixed|
|buster, buster (security)||4.11.4+57-g41a822c392-2||vulnerable|
The information below is based on the following data on fixed versions.
|Package||Type||Release||Fixed Version||Urgency||Origin||Debian Bugs|
[stretch] - xen <not-affected> (Incomplete fix for CVE-2020-15565 not applied)
Mark first version in 4.14.x which landed in unstable as fixed, though
the issue more precisely only affects Xen versions up to 4.11 with version
containing broken backport for XSA-321 / CVE-2020-15565