CVE-2024-45818

Name of the Vulnerable Software and Affected Versions Xen hypervisor versions prior to 4.7

Description The issue is related to the hypervisor's code for accelerating VGA memory accesses for HVM guests in "standard" mode. The locking mechanism involved has an unusual discipline, which can lead to a deadlock when emulating an instruction with two memory accesses that touch VGA memory. This behavior results in a problem when the lock is attempted to be re-acquired, causing a deadlock. The deadlock was previously found but analyzed incorrectly, and the fix was incomplete. The logic for this feature has been removed in staging since it was discovered to be accidentally disabled since Xen 4.7.

Recommendations To resolve the issue, backport the removal of most of the feature related to VGA memory access acceleration for HVM guests in "standard" mode. As a temporary workaround, consider disabling the feature to minimize the risk of exploitation. Note that even with the feature disabled, the lock would still be acquired for any accesses to the VGA MMIO region. At the moment, there is no information about a newer version that contains a fix for this vulnerability.