CVE-2020-15687

The affected software is the ACRN Project Hypervisor (versions 2.0 and 1.6.1). The vulnerability arises from missing access control restrictions in the Hypervisor component, enabling a malicious entity with root access in the Service VM userspace to abuse PCIe assign/de-assign Hypercalls via craf...