xen is vulnerable to Misassignment of Phantom Functions. The vulnerability is due to the failure to properly handle the assignment of phantom functions when the IOMMU context setup fails. It allows attackers in the primary device being assigned to a guest while some phantom functions are assigned to a different domain.