7.9 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
55.6%
An inverted boolean parameter resulted in TLB flushes not happening upon clearing of a present translation table entry. Retaining stale TLB entries could allow guests access to memory that ought to have been revoked, or grant greater access than intended.
Malicious guest administrators might be able to cause host-wide denial of service, or escalate their privilege to that of the host.
Xen 4.2.x and later are vulnerable. Xen 4.1.x and earlier are not vulnerable.
Only systems using Intel VT-d for PCI passthrough are vulnerable.