Vigil@nce - Xen: denial of service via AMD IOMMU
February 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker, who is located in a guest system with a PCI access,
can send interruptions to other systems, in order to create a
denial of service.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 05/02/2013
DESCRIPTION OF THE VULNERABILITY
The Xen code uses one shared table to remap AMD IOMMU
interruptions.
However, when "PCI passthrough" is enabled, a guest system can
send interruptions which are received by other systems.
An attacker, who is located in a guest system with a PCI access,
can therefore send interruptions to other systems, in order to
create a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-denial-of-service-via-AMD-IOMMU-12375