A flaw was found in Xen, in the page table sharing between the IOMMU and the CPU. This flaw allows a malicious guest user to read sensitive information belonging to other guests or to crash the host, resulting in a denial of service and privilege escalation. The highest threat from this vulnerability is to system availability.
- Suppress the use of page table sharing (Xen command line option iommu=no-sharept). Note, however, that as of Xen version 4.13 there is also a per-guest control, the passthrough= libxl guest config file option. If any guests have been created with an explicit passthrough= setting, that setting may conflict with adding iommu=no-sharept to the Xen command line.
- Suppress the use of large HAP pages (Xen command line options hap_2mb=no and hap_1gb=no).
- Avoid pass-through of PCI devices to HVM guests.
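The three mitigations above are host and guest configuration changes, and the first one can break guests that already carry an explicit passthrough= setting. The following shell script is an added example for auditing a host; it is not part of this advisory or of Xen. It reads the Xen command line from the xen_commandline field of xl info (assumed available; every function also accepts the command line as a plain string so it can be exercised without a running hypervisor), classifies the iommu= sharept setting and the hap_2mb/hap_1gb booleans, and scans xl.cfg-syntax guest config files for an explicit passthrough= value and for pci= device assignments. The passthrough= values it recognises (disabled, enabled, sync_pt, share_pt) are the ones documented in xl.cfg; treating passthrough=share_pt on a host booted with iommu=no-sharept as the conflict the advisory warns about, and the script and file names, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audits a Xen host for the mitigations listed above.
# Not part of the advisory or of Xen. Assumes xl.cfg-syntax guest config
# files and that `xl info` prints the Xen command line in its
# xen_commandline field; every function also takes the command line as a
# plain string so it can be used without a running Xen.

# Prints "no-sharept", "sharept" or "default" according to the last
# iommu= token in the Xen command line $1 (iommu= takes a comma-separated
# list, e.g. iommu=verbose,no-sharept).
xen_iommu_sharept() {
    state=default
    for tok in $1; do
        case $tok in
            iommu=*)
                for opt in $(printf '%s' "${tok#iommu=}" | tr ',' ' '); do
                    case $opt in
                        sharept)    state=sharept ;;
                        no-sharept) state=no-sharept ;;
                    esac
                done ;;
        esac
    done
    printf '%s\n' "$state"
}

# Returns 0 when the boolean Xen option $2 (e.g. hap_2mb) is switched off
# in command line $1. Xen accepts no/off/false/disable/0 and a "no-" prefix.
xen_bool_disabled() {
    state=1
    for tok in $1; do
        case $tok in
            "no-$2") state=0 ;;
            "$2="*)
                case ${tok#*=} in
                    no|off|false|disable|0) state=0 ;;
                    *) state=1 ;;
                esac ;;
        esac
    done
    return $state
}

# Prints the explicit passthrough= value of xl.cfg file $1, or "unset".
guest_passthrough_mode() {
    val=$(sed -n "s/^[[:space:]]*passthrough[[:space:]]*=[[:space:]]*[\"']\{0,1\}\([a-z_]*\).*/\1/p" "$1" | tail -n 1)
    printf '%s\n' "${val:-unset}"
}

# Returns 0 when xl.cfg file $1 assigns PCI devices (a pci = [...] line).
guest_has_pci_passthrough() {
    grep -Eq '^[[:space:]]*pci[[:space:]]*=' "$1"
}

# Prints one line per config in $2.. whose explicit passthrough=share_pt
# conflicts with a host command line $1 carrying iommu=no-sharept
# (the conflict the advisory warns about). Returns 0 when none conflict.
sharept_conflicts() {
    host=$(xen_iommu_sharept "$1"); shift
    rc=0
    for cfg in "$@"; do
        if [ "$host" = no-sharept ] && [ "$(guest_passthrough_mode "$cfg")" = share_pt ]; then
            printf '%s: passthrough=share_pt conflicts with iommu=no-sharept\n' "$cfg"
            rc=1
        fi
    done
    return $rc
}

main() {
    cmdline=$(xl info 2>/dev/null | sed -n 's/^xen_commandline *: *//p')
    echo "Xen command line: ${cmdline:-<unavailable>}"
    echo "IOMMU/CPU page table sharing: $(xen_iommu_sharept "$cmdline")"
    for opt in hap_2mb hap_1gb; do
        if xen_bool_disabled "$cmdline" "$opt"; then
            echo "$opt: disabled"
        else
            echo "$opt: enabled (default, large HAP pages in use)"
        fi
    done
    for cfg in "$@"; do
        pci=no
        if guest_has_pci_passthrough "$cfg"; then pci=yes; fi
        echo "$cfg: passthrough=$(guest_passthrough_mode "$cfg") pci_devices=$pci"
    done
    sharept_conflicts "$cmdline" "$@"
}

# Usage: sh xen-xsa-audit.sh /etc/xen/*.cfg
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it with the guest config files as arguments on the host being assessed; it exits non-zero when a guest's explicit passthrough=share_pt would collide with iommu=no-sharept, and the pci_devices column shows which HVM configs still assign PCI devices and so fall under the third mitigation.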