Bug 2270533 (CVE-2023-46839) - CVE-2023-46839 xen: phantom functions assigned to incorrect contexts
Summary: CVE-2023-46839 xen: phantom functions assigned to incorrect contexts
Keywords:
Status: NEW
Alias: CVE-2023-46839
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2270534
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-03-20 20:18 UTC by Marco Benatto
Modified: 2024-03-20 20:22 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Marco Benatto 2024-03-20 20:18:06 UTC
PCI devices can make use of a functionality called phantom functions,
that when enabled allows the device to generate requests using the IDs
of functions that are otherwise unpopulated.  This allows a device to
extend the number of outstanding requests.

Such phantom functions need an IOMMU context setup, but failure to
setup the context is not fatal when the device is assigned.  Not
failing device assignment when such failure happens can lead to the
primary device being assigned to a guest, while some of the phantom
functions are assigned to a different domain.

https://xenbits.xenproject.org/xsa/advisory-449.html

Comment 1 Marco Benatto 2024-03-20 20:19:47 UTC
Created xen tracking bugs for this issue:

Affects: fedora-all [bug 2270534]


Note You need to log in before you can comment on or make changes to this bug.