x86: unintended memory sharing between guests On Intel systems that support
the “virtualize APIC accesses” feature, a guest can read and write the
global shared xAPIC page by moving the local APIC out of xAPIC mode. Access
to this shared page bypasses the expected isolation that should exist
between two guests.
Author | Note |
---|---|
mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
www.openwall.com/lists/oss-security/2022/11/01/3
xenbits.xen.org/xsa/advisory-412.html
launchpad.net/bugs/cve/CVE-2022-42327
nvd.nist.gov/vuln/detail/CVE-2022-42327
security-tracker.debian.org/tracker/CVE-2022-42327
www.cve.org/CVERecord?id=CVE-2022-42327
xenbits.xen.org/xsa/advisory-412.html
xenbits.xenproject.org/xsa/advisory-412.txt