CVE-2021-27379

Name of the Vulnerable Software and Affected Versions Xen versions prior to 4.11.x

Description The issue is related to a lack of privilege management mechanism in the Xen hypervisor on x86 Intel systems. Exploitation of this issue may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service. The problem occurs because a backport missed a flush, resulting in incorrect IOMMU updates, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access.

Recommendations For Xen versions prior to 4.11.x, consider applying the necessary patches or updates to ensure correct IOMMU updates and prevent unintended DMA access. As a temporary workaround, restrict access to sensitive data and consider disabling DMA access for guest OS users until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.