CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
26.7%
Early versions of Xen on ARM did not support “multicall” functionality (the ability to perform multiple operations via a single hypercall) and therefore stubbed out the functionality needed to support preemption of multicalls in a manner which crashed the host.
When multicall support was subsequently added these stubs were not replaced with the correct functionality and therefore exposed to guests a code path which crashes the host.
Any guest can issue a preemptable hypercall via the multicall interface to exploit this vulnerability.
A malicious guest can crash the host.
Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onward.
x86 systems are not vulnerable.