Håkon Alstadheim

**Name of the Vulnerable Software and Affected Versions** Xen versions prior to 4.13 **Description** An issue in Xen allows x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) due to VMX VMEntry checks mishandling a certain case. This occurs when #DB interception, Single Stepping, and blocked by STI/MovSS are active, despite this being a legitimate state. The resulting VMEntry failure is fatal to the guest, and HVM/PVH guest userspace code may be able to crash the guest. Only systems supporting VMX hardware virtual extensions (Intel, Cyrix, or Zhaoxin CPUs) are affected, while Arm and AMD systems are unaffected. PV guests cannot leverage this issue. **Recommendations** For Xen versions prior to 4.13, consider disabling the VMX VMEntry checks as a temporary workaround until a patch is available. Restrict access to HVM/PVH guests to minimize the risk of exploitation. Avoid using the #DB interception and Single Stepping features in combination with blocked by STI/MovSS until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.