2270533 – (CVE-2023-46839) CVE-2023-46839 xen: phantom functions assigned to incorrect contexts

Bug 2270533 (CVE-2023-46839) - CVE-2023-46839 xen: phantom functions assigned to incorrect contexts

Summary: CVE-2023-46839 xen: phantom functions assigned to incorrect contexts

Keywords:
Status:	NEW
Alias:	CVE-2023-46839
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2270534
Blocks:
TreeView+	depends on / blocked

Reported:	2024-03-20 20:18 UTC by Marco Benatto
Modified:	2024-03-20 20:22 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Marco Benatto 2024-03-20 20:18:06 UTC

PCI devices can make use of a functionality called phantom functions,
that when enabled allows the device to generate requests using the IDs
of functions that are otherwise unpopulated.  This allows a device to
extend the number of outstanding requests.

Such phantom functions need an IOMMU context setup, but failure to
setup the context is not fatal when the device is assigned.  Not
failing device assignment when such failure happens can lead to the
primary device being assigned to a guest, while some of the phantom
functions are assigned to a different domain.

https://xenbits.xenproject.org/xsa/advisory-449.html

Comment 1 Marco Benatto 2024-03-20 20:19:47 UTC

Created xen tracking bugs for this issue:

Affects: fedora-all [bug 2270534]

Note You need to log in before you can comment on or make changes to this bug.