On Thu, Feb 27, 2025 at 03:33:18PM +0000, Teddy Astie wrote:
> Hello,
>
> On 27/02/2025 at 13:57, Xen.org security team wrote:
> > Xen Security Advisory CVE-2025-1713 / XSA-467
> >
> > deadlock potential with VT-d and legacy PCI device pass-through
> >
> > ISSUE DESCRIPTION
> > =================
> >
> > When setting up interrupt remapping for legacy PCI(-X) devices,
> > including PCI(-X) bridges, a lookup of the upstream bridge is required.
> > This lookup, itself involving acquiring of a lock, is done in a context
> > where acquiring that lock is unsafe. This can lead to a deadlock.
> >
> > IMPACT
> > ======
> >
> > The passing through of certain kinds of devices to an unprivileged guest
> > can result in a Denial of Service (DoS) affecting the entire host.
> >
> > Note: Normal usage of such devices by a privileged domain can also
> > trigger the issue. In such a scenario, the deadlock is not
> > considered a security issue, but just a plain bug.
> >
> > VULNERABLE SYSTEMS
> > ==================
> >
> > Xen versions 4.0 and later are affected. Xen versions 3.4 and earlier
> > are not directly affected, but had other issues.
> >
> > Systems with Intel IOMMU hardware (VT-d) are affected. Systems using
> > AMD or non-x86 hardware are not affected.
> >
> > Only systems where certain kinds of devices are passed through to an
> > unprivileged guest are vulnerable.
> >
> > MITIGATION
> > ==========
> >
> > Avoiding the passing through of the affected device types will avoid
> > the vulnerability.
> >
>
> Is disabling interrupt remapping another way of mitigating this
> vulnerability (e.g. iommu=no-intremap)?
No, as this allows other attacks that allow denial of service at the very least. See https://lore.kernel.org/xen-devel/19915.58644.191837.671...@mariner.uk.xensource.com/.

-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
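The advisory quoted above describes the bug only in outline: a bridge lookup that takes a lock is called from a context in which taking that lock is unsafe, and the result is a deadlock. The following is an added example, not Xen code and not part of this thread, showing the kind of lock-order check (in the spirit of Linux's lockdep) that catches such a nesting before it deadlocks at runtime. Everything in it is constructed: the two lock classes (`LOCK_REMAP_STATE`, `LOCK_BRIDGE_LOOKUP`) and the two code paths are hypothetical stand-ins, not the locks or call chains involved in XSA-467, and modelling the "unsafe context" as a lock-order inversion is an assumption, since the advisory does not say which lock is involved or why the context is unsafe.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example, not Xen code.  A minimal lock-order checker: it records
 * the order in which lock classes are nested and rejects an acquisition
 * that would create a cycle in that order, i.e. an inversion that can
 * deadlock at runtime.  Lock class names are hypothetical and are not
 * the locks involved in XSA-467.
 */
enum lock_class {
    LOCK_REMAP_STATE,   /* hypothetical: interrupt-remapping setup state */
    LOCK_BRIDGE_LOOKUP, /* hypothetical: protects the PCI bridge topology */
    NR_LOCK_CLASSES
};

static const char *const lock_name[NR_LOCK_CLASSES] = {
    "remap_state", "bridge_lookup",
};

/* order[a][b] != 0 once lock class b has been taken while a was held. */
static unsigned char order[NR_LOCK_CLASSES][NR_LOCK_CLASSES];

/* Per-context stack of currently held lock classes. */
struct lock_ctx {
    unsigned char held[NR_LOCK_CLASSES];
    int nheld;
};

/* Does a recorded nesting chain from -> ... -> to already exist? */
static int reaches(int from, int to, unsigned char *seen)
{
    if (from == to)
        return 1;
    seen[from] = 1;
    for (int next = 0; next < NR_LOCK_CLASSES; next++)
        if (order[from][next] && !seen[next] && reaches(next, to, seen))
            return 1;
    return 0;
}

/*
 * Returns 0 if taking `lock` in this context keeps the nesting graph
 * acyclic, -1 if it would close a cycle (deadlock potential).  The lock
 * is recorded as held only when the acquisition is accepted.
 */
int lockdep_acquire(struct lock_ctx *ctx, int lock)
{
    for (int i = 0; i < ctx->nheld; i++) {
        unsigned char seen[NR_LOCK_CLASSES] = {0};
        int h = ctx->held[i];
        if (h == lock) {
            printf("recursive acquire of %s\n", lock_name[lock]);
            return -1;
        }
        /* We hold h and want lock, but lock -> ... -> h is already recorded. */
        if (reaches(lock, h, seen)) {
            printf("inversion: %s taken while holding %s, but %s nests under %s elsewhere\n",
                   lock_name[lock], lock_name[h], lock_name[h], lock_name[lock]);
            return -1;
        }
    }
    for (int i = 0; i < ctx->nheld; i++)
        order[ctx->held[i]][lock] = 1;
    ctx->held[ctx->nheld++] = lock;
    return 0;
}

void lockdep_release(struct lock_ctx *ctx, int lock)
{
    for (int i = 0; i < ctx->nheld; i++) {
        if (ctx->held[i] == lock) {
            memmove(&ctx->held[i], &ctx->held[i + 1], (size_t)(ctx->nheld - i - 1));
            ctx->nheld--;
            return;
        }
    }
}

/*
 * Two constructed code paths modelled on the advisory's wording, not on
 * Xen's real call graph.  Path 1 walks the bridge topology and touches
 * remapping state under the walk lock.  Path 2 holds the remapping lock
 * and then performs the upstream-bridge lookup, which takes the walk
 * lock.  Returns 1 if the checker flags path 2, 0 otherwise.
 */
int detect_bridge_lookup_inversion(void)
{
    struct lock_ctx c1 = {0}, c2 = {0};
    memset(order, 0, sizeof(order));

    lockdep_acquire(&c1, LOCK_BRIDGE_LOOKUP);
    lockdep_acquire(&c1, LOCK_REMAP_STATE);
    lockdep_release(&c1, LOCK_REMAP_STATE);
    lockdep_release(&c1, LOCK_BRIDGE_LOOKUP);

    if (lockdep_acquire(&c2, LOCK_REMAP_STATE) != 0)
        return 0;
    int flagged = lockdep_acquire(&c2, LOCK_BRIDGE_LOOKUP) != 0;
    lockdep_release(&c2, LOCK_REMAP_STATE);
    return flagged;
}

int main(void)
{
    printf("inversion detected: %d\n", detect_bridge_lookup_inversion());
    return 0;
}
```

The checker only sees orders it has already observed, so, as with lockdep, the inverted path is flagged the first time it runs after the consistent path has been recorded; a path taken before any conflicting order is known passes silently. That is why the advisory's note that a privileged domain can hit the same deadlock in normal use matters for testing: exercising the device-setup paths from dom0 under such a checker surfaces the inversion without needing an unprivileged guest.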