Vitaly Kuznetsov

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the Linux kernel, where the `kvmclock` is not properly disabled on all CPUs during shutdown, which can lead to memory corruption when restoring from hibernate. Currently, `kvmclock` is disabled from the `machine shutdown()` hook, but this only happens for the boot CPU. To prevent memory corruption, it is necessary to disable `kvmclock` on all CPUs. Writing '0' to `kvmclock` MSR does not clear the memory location but prevents the hypervisor from updating it, allowing the clock to remain usable for a short period. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns the Linux kernel, where various PV features (Async PF, PV EOI, steal time) work through memory shared with the hypervisor. When restoring from hibernation, these features must be properly torn down to prevent the hypervisor from writing to stale locations after jumping to the previously hibernated kernel. The job is already done for secondary CPUs by kvm cpu down prepare(), and syscore ops are registered to do the same for the boot CPU. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.5.x through 4.9.x **Description** An issue in the DMOP map/unmap implementation allows attackers who control a stub domain kernel or tool stack to cause a denial of service, resulting in a host OS crash, due to a missing comparison of range start to range end. **Recommendations** For Xen versions 4.5.x through 4.9.x, update to a version that includes the fix for the DMOP map/unmap implementation issue to prevent a denial of service.

**Name of the Vulnerable Software and Affected Versions** Xen and the Linux kernel versions prior to 4.6 **Description** The issue arises from insufficient input validation in the Xen hypervisor, allowing a local attacker to cause a denial of service by attempting to access a hugetlbfs mapped area, resulting in a guest OS crash. **Recommendations** For Xen and Linux kernel versions prior to 4.6, update to a version that properly suppresses hugetlbfs support in x86 PV guests to prevent the denial of service.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue allows local guest users to cause a denial of service, resulting in a host crash. This can be achieved through vectors involving an uninitialized FIFO-based event channel control block, specifically when binding or moving an event to a different VCPU. **Recommendations** For Xen version 4.4.x, consider restricting access to the evtchn fifo set pending function as a temporary workaround until a patch is available.