An issue was discovered in all Xen versions from 4.2 onwards, allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
Created xen tracking bugs for this issue:
Affects: fedora-all [bug 1891093]
Name: the Xen project
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
All Xen versions from 4.2 onwards are vulnerable. Red Hat Enterprise Linux 5 is not affected by this flaw, as it shipped with an older version of Xen.
Avoid passing through physical devices to untrusted guests. Refer to the XSA-346 advisory for additional information.