CVE-2021-28710

Name of the Vulnerable Software and Affected Versions Xen (affected versions not specified)

Description The issue is related to the implementation of Intel Virtualization Technology for Directed I/O (VT-d) in the Xen hypervisor on Intel x86 architecture computers. It involves incorrect handling of the graphics address remapping table. For efficiency reasons, address translation control structures (page tables) may be shared between CPUs for second-level translation (EPT) and IOMMUs. These page tables are set up to be 4 levels deep, but an IOMMU may require only 3 page table levels. When sharing page tables, Xen erroneously skipped stripping the top-level table, allowing the guest to write to leaf page table entries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.