1
Candidate: CVE-2011-1898
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898
5
http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html
7
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on
8
Intel VT-d chipsets that do not have interrupt remapping, allows guest OS
9
users to gain host OS privileges by "using DMA to generate MSI interrupts
10
by writing to the interrupt injection registers."
13
kees> for full-virtualization issues, add qemu (and kvm)
14
mdeslaur> 3.x probably not affected, marking as such
21
upstream_xen-3.1: needs-triage
22
hardy_xen-3.1: not-affected
29
upstream_xen-3.2: needs-triage
30
hardy_xen-3.2: ignored (reached end-of-life)
37
upstream_xen-3.3: needs-triage
39
lucid_xen-3.3: not-affected
40
maverick_xen-3.3: not-affected
41
natty_xen-3.3: not-affected
42
devel_xen-3.3: not-affected
45
vendor: http://www.debian.org/security/2011/dsa-2337
46
upstream_xen: released (4.1.1)
51
devel_xen: not-affected (4.1.1-2ubuntu1)