PT-2018-13036 · Intel+1 · Xen+1
Andrew Cooper · Published 2018-08-16 · Updated 2024-06-15
CVE-2018-15468
CVSS v3.1: 6.0 Medium
Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Xen versions prior to 4.12
Description
An issue was discovered in Xen where the DEBUGCTL MSR contains several debugging features that are not virtualised cleanly by the processor. Specifically, Branch Trace Store is not virtualised and requires careful software configuration to prevent core lockup. This issue allows a malicious or buggy guest administrator on Intel x86 HVM or PVH to choose any MSR DEBUGCTL setting, potentially locking up the entire host and causing a Denial of Service.
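The class of check the description refers to, as an added example that is not Xen's code: an allow-list on guest writes to DEBUGCTL applied on every path, shown beside a flawed form where the check depends on an optional feature. The `guest_policy` structure, the function names and the choice of which bits an untrusted guest may set are assumptions for illustration; the bit positions follow the Intel SDM.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_DEBUGCTL bit positions (Intel SDM). */
#define DEBUGCTL_LBR    (1ULL << 0)  /* last-branch recording */
#define DEBUGCTL_BTF    (1ULL << 1)  /* single-step on branches */
#define DEBUGCTL_TR     (1ULL << 6)  /* trace messages enable */
#define DEBUGCTL_BTS    (1ULL << 7)  /* Branch Trace Store */
#define DEBUGCTL_BTINT  (1ULL << 8)  /* interrupt when BTS buffer is full */

/* Hypothetical per-guest policy; not a Xen structure. */
struct guest_policy {
    bool vpmu_enabled;   /* optional PMU virtualisation is on */
    bool trusted_debug;  /* host admin explicitly allows BTS for this guest */
};

/* Flawed pattern (assumed for illustration): value checking only
 * happens when the optional vPMU path is active. */
static bool debugctl_write_ok_flawed(const struct guest_policy *p, uint64_t val)
{
    if (!p->vpmu_enabled)
        return true;                      /* any setting accepted */
    return !(val & ~(DEBUGCTL_LBR | DEBUGCTL_BTF));
}

/* Hardened pattern: the allow-list is applied on every path. */
static bool debugctl_write_ok(const struct guest_policy *p, uint64_t val)
{
    uint64_t allowed = DEBUGCTL_LBR | DEBUGCTL_BTF;  /* assumed safe set */

    if (p->trusted_debug)
        allowed |= DEBUGCTL_TR | DEBUGCTL_BTS | DEBUGCTL_BTINT;
    return !(val & ~allowed);             /* reject unknown or unsafe bits */
}

int main(void)
{
    const struct guest_policy untrusted = { false, false };
    uint64_t val = DEBUGCTL_TR | DEBUGCTL_BTS;  /* constructed sample write */

    printf("flawed:   %s\n",
           debugctl_write_ok_flawed(&untrusted, val) ? "accept" : "reject");
    printf("hardened: %s\n",
           debugctl_write_ok(&untrusted, val) ? "accept" : "reject");
    return 0;
}
```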
Recommendations
For Xen versions prior to 4.12, ensure that vPMU is enabled to prevent guests from configuring MSR DEBUGCTL settings that could lock up the host. As a temporary workaround, consider restricting access to debugging features for untrusted guests until a patch is available.
Fix
DoS
Incorrect Authorization
Affected Products
Suse
Xen