4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%
Software targeting pre-Armv8.1-A hardware, Xen included, commonly implements atomics using Load/Store exclusive instructions in a loop that will terminate once the store succeeded.
As per the Armv8-A Architecture Reference Manual (ARM DDI0487D.a), paragraph 2.9.5 “Load-Exclusive and Store-Exclusive instruction usage restrictions”, page B2-143:
“”" It is permissible for the LoadExcl / StoreExcl loop not to make forward progress if a different thread is repeatedly doing any of the following in a tight loop:
An attacker in a domU could perform a denial of service attack on Xen by accessing a memory region shared with the hypervisor, while Xen is performing an atomic operation on the same region. As a result Xen could end up looping boundlessly. See the issue description for more details on the memory accesses that affect LoadExcl and StoreExcl operations.
Systems running all versions of Xen are affected.
x86 processors are not affected. Arm processors are vulnerable, both Armv7 and Armv8.
NOTE REGARDING LACK OF EMBARGO
Other Open Source projects released fixes to the public before we could arrange for an organized disclosure.
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%