Xen is vulnerable to privilege escalation. An attacker can gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
www.openwall.com/lists/oss-security/2021/01/19/5
lists.fedoraproject.org/archives/list/[email protected]/message/PZAM3LYJ5TZLSSNL3KXFILM46QKVTOUA/
lists.fedoraproject.org/archives/list/[email protected]/message/U3U4LNKKXU4UP4Z5XP6TMIWSML3QODPE/
lists.fedoraproject.org/archives/list/[email protected]/message/XIK57QJOVOPWH6RFRNMGOBCROBCKMDG2/
secdb.alpinelinux.org/v3.10/main.yaml
secdb.alpinelinux.org/v3.11/main.yaml
secdb.alpinelinux.org/v3.12/main.yaml
security.gentoo.org/glsa/202011-06
www.debian.org/security/2020/dsa-4804
xenbits.xen.org/xsa/advisory-286.html