An issue exists in the Linux kernel 5.5 up to and including 5.7.9, as used in Xen up to and including 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
xen xen |
||
netapp cloud backup - |
||
netapp steelstore cloud integrated storage - |
||
netapp solidfire baseboard management controller - |