Xen · Xen · CVE-2021-27379
**Name of the Vulnerable Software and Affected Versions**
Xen versions prior to 4.11.x
**Description**
The issue is related to a lack of proper privilege management in the Xen hypervisor on x86 Intel systems. Exploitation of this issue may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. The problem occurs because a backport missed a flush, which results in incorrect IOMMU updates and allows x86 Intel HVM guest OS users to achieve unintended read/write DMA access.
**Recommendations**
For Xen versions prior to 4.11.x, consider applying the necessary patches or updates so that IOMMU updates are performed correctly and unintended DMA access is prevented. As a temporary workaround, restrict access to sensitive data and consider disabling DMA access for guest OS users until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.