diff options
| author | Fernando Rodrigues <alpha@sigmasquadron.net> | 2025-02-27 17:45:48 -0300 |
|---|---|---|
| committer | Fernando Rodrigues <alpha@sigmasquadron.net> | 2025-02-27 20:50:20 +0000 |
| commit | 5af1d19112213970bfec2319514b17aa3ac868c2 (patch) | |
| tree | e973df0751a7ba056580863f64cb7b387c6dc1b7 /pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch | |
| parent | dade3cbe77fe6c63620e04d5577b8ec222d86a52 (diff) | |
xen: patch with XSA-467
When setting up interrupt remapping for legacy PCI(-X) devices,
including PCI(-X) bridges, a lookup of the upstream bridge is required.
This lookup, itself involving acquiring of a lock, is done in a context
where acquiring that lock is unsafe. This can lead to a deadlock.
The passing through of certain kinds of devices to an unprivileged guest
can result in a Denial of Service (DoS) affecting the entire host.
Note: Normal usage of such devices by a privileged domain can also
trigger the issue. In such a scenario, the deadlock is not
considered a security issue, but just a plain bug.
Systems with Intel IOMMU hardware (VT-d) are affected. Systems using
AMD or non-x86 hardware are not affected.
Only systems where certain kinds of devices are passed through to an
unprivileged guest are vulnerable.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Diffstat (limited to 'pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch')
0 files changed, 0 insertions, 0 deletions