4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
26.0%
Various IRQ related access control operations may not have the intended effect, thus potentially permitting a stub domain to grant its client domain access to an IRQ it doesn’t have access to itself.
Malicious or buggy stub domains kernels can mount a denial of service attack possibly affecting the whole system.
Only Xen systems using stub domains are vulnerable.
Only guests with passed-through IRQs or PCI devices are able to exploit the vulnerability.
It is remotely possible that PV guests with passthrough IRQs or devices may also be able to exploit this vulnerability, although we think this is unlikely.