Xen Information for VU#631579

Hardware debug exception documentation may result in unexpected behavior

Status

Affected

Vendor Statement

All versions of Xen are vulnerable. Only x86 systems are vulnerable.  ARM systems are not vulnerable.

Only x86 PV guests can exploit the vulnerability.  x86 HVM and PVH guests cannot exploit the vulnerability.

An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.
 

MITIGATION
==========

Running only HVM or PVH guests avoids the vulnerability.

Note however that a compromised device model (running in dom0 or a stub domain) can carry out this attack, so users with HVM domains are also advised to patch their systems.


RESOLUTION
==========
Applying the appropriate attached patch resolves this issue.

Vendor Information

For the full statement, please see Xen Advisory 260.

Vendor References

https://xenbits.xen.org/xsa/advisory-260.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.