An issue was discovered in all versions of Xen allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1891088]
Acknowledgments: Name: the Xen project
External References: https://xenbits.xen.org/xsa/advisory-347.html
Upstream fix: https://xenbits.xen.org/xsa/xsa347/xsa347-1.patch https://xenbits.xen.org/xsa/xsa347/xsa347-2.patch https://xenbits.xen.org/xsa/xsa347/xsa347-3.patch
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27670
Mitigation: Avoid passing through physical devices to untrusted guests.
Statement: This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in the Extended Life Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.