|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: Xen Security Advisory 378 v3 (CVE-2021-28694,CVE-2021-28695,CVE-2021-28696) - IOMMU page mapping issues on x86
On Wed, Sep 1, 2021 at 5:34 AM Xen.org security team <security@xxxxxxx> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Xen Security Advisory CVE-2021-28694,CVE-2021-28695,CVE-2021-28696 / XSA-378 > version 3 > > IOMMU page mapping issues on x86 > > UPDATES IN VERSION 3 > ==================== > > Warn about dom0=pvh breakage in Resolution section. > > ISSUE DESCRIPTION > ================= > > Both AMD and Intel allow ACPI tables to specify regions of memory > which should be left untranslated, which typically means these > addresses should pass the translation phase unaltered. While these > are typically device specific ACPI properties, they can also be > specified to apply to a range of devices, or even all devices. > > On all systems with such regions Xen failed to prevent guests from > undoing/replacing such mappings (CVE-2021-28694). Hi, Is there a way to identify if a system's ACPI tables have untranslated regions? Does it show up in xen or linux dmesg or can it be identified in sysfs? Thanks, Jason
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |