| |
Vulnerability CVE-2024-31146
Published: 2024-09-25
| Description: |
When multiple devices share resources and one of them is to be passed
through to a guest, security of the entire system and of respective
guests individually cannot really be guaranteed without knowing
internals of any of the involved guests. Therefore such a configuration
cannot really be security-supported, yet making that explicit was so far
missing.
Resources the sharing of which is known to be problematic include, but
are not limited to
- - PCI Base Address Registers (BARs) of multiple devices mapping to the
same page (4k on x86),
- - INTx lines. |
References: |
https://xenbits.xenproject.org/xsa/advisory-461.html
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
