The XENDOMCTLmemory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm).
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libxenstore3.0": "4.4.1-0ubuntu0.14.04.5", "libxen-4.4": "4.4.1-0ubuntu0.14.04.5", "libxen-ocaml-dev": "4.4.1-0ubuntu0.14.04.5", "libxen-dev": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.3-amd64": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.3-armhf": "4.4.1-0ubuntu0.14.04.5", "xen-system-amd64": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.4-arm64": "4.4.1-0ubuntu0.14.04.5", "libxen-ocaml": "4.4.1-0ubuntu0.14.04.5", "xenstore-utils": "4.4.1-0ubuntu0.14.04.5", "xen-system-armhf": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.1-amd64": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.4-armhf": "4.4.1-0ubuntu0.14.04.5", "xen-hypervisor-4.4-amd64": "4.4.1-0ubuntu0.14.04.5", "xen-utils-common": "4.4.1-0ubuntu0.14.04.5", "xen-utils-4.4": "4.4.1-0ubuntu0.14.04.5", "xen-system-arm64": "4.4.1-0ubuntu0.14.04.5" } ] }