https://xenbits.xen.org/xsa/advisory-320.html (SRBDS) 5.5 Medium CVSS3 Attack Vector LOCAL Attack Complexity LOW Privileges Required LOW User Interaction NONE Scope UNCHANGED Confidentiality Impact HIGH Integrity Impact NONE Availability Impact NONE CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 Low CVSS2 Access Vector LOCAL Access Complexity LOW Authentication NONE Confidentiality Impact PARTIAL Integrity Impact NONE Availability Impact NONE AV:L/AC:L/Au:N/C:P/I:N/A:N 0.001 Low EPSS Percentile 23.2% This issue is related to the SRBDS, TAA and MDS vulnerabilities. Please see: An attacker might be able to directly read or infer data from other security contexts in the system. This can include data belonging to other VMs, or to Xen itself. The degree to which an attacker can obtain data depends on the CPU, and the system configuration. Systems running all versions of Xen are affected. 5.5 Medium CVSS3 Attack Vector LOCAL Attack Complexity LOW Privileges Required LOW User Interaction NONE Scope UNCHANGED Confidentiality Impact HIGH Integrity Impact NONE Availability Impact NONE CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.1 Low CVSS2 Access Vector LOCAL Access Complexity LOW Authentication NONE Confidentiality Impact PARTIAL Integrity Impact NONE Availability Impact NONE AV:L/AC:L/Au:N/C:P/I:N/A:N 0.001 Low EPSS Percentile 23.2%x86: MMIO Stale Data vulnerabilities
ISSUE DESCRIPTION
<a href=“https://xenbits.xen.org/xsa/advisory-320.html”>https://xenbits.xen.org/xsa/advisory-320.html</a> (SRBDS) <a href=“https://xenbits.xen.org/xsa/advisory-305.html”>https://xenbits.xen.org/xsa/advisory-305.html</a> (TAA) <a href=“https://xenbits.xen.org/xsa/advisory-297.html”>https://xenbits.xen.org/xsa/advisory-297.html</a> (MDS)
Please see Intel’s whitepaper:
<a href=“https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html”>https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html</a>IMPACT
VULNERABLE SYSTEMS
Only x86 processors are vulnerable. Processors from other manufacturers (e.g. ARM) are not believed to be vulnerable.
Only Intel based processors are affected. Processors from other x86 manufacturers (e.g. AMD) are not believed to be vulnerable.
Please consult the Intel Security Advisory for details on the affected processors and configurations.
Per Xen’s support statement, PCI passthrough should be to trusted domains because the overall system security depends on factors outside of Xen’s control.
As such, Xen, in a supported configuration, is not vulnerable to DRPW/SBDR.