CVE-2021-27379

Name: CVE-2021-27379
Description: An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possibly cause a denial of service (host OS crash) or gain privileges. This occurs because a backport missed a flush, and thus IOMMU updates were not always correct. NOTE: this issue exists because of an incomplete fix for CVE-2020-15565.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DSA-4888-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package   Release                                     Version                           Status
---------------  ------------------------------------------  --------------------------------  ----------
xen (PTS)        jessie, jessie (lts)                        4.4.4lts5-0+deb8u1                vulnerable
                 stretch (security), stretch (lts), stretch  4.8.5.final+shim4.10.4-1+deb9u12  fixed
                 buster, buster (security)                   4.11.4+107-gef32c7afa2-1          fixed
                 bullseye                                    4.14.6-1                          fixed
                 bullseye (security)                         4.14.5+94-ge49571868d-1           fixed
                 bookworm                                    4.17.3+10-g091466ba55-1~deb12u1   fixed
                 trixie                                      4.17.3+10-g091466ba55-1           fixed
                 sid                                         4.17.3+36-g54dacb5c02-1           fixed

The information below is based on the following data on fixed versions.

Package  Type    Release     Fixed Version             Urgency      Origin      Debian Bugs
-------  ------  ----------  ------------------------  -----------  ----------  -----------
xen      source  jessie      (unfixed)                 end-of-life
xen      source  stretch     (not affected)
xen      source  buster      4.11.4+99-g8bce4698f6-1                DSA-4888-1
xen      source  (unstable)  4.14.0+80-gd101b417b7-1

Notes

[stretch] - xen <not-affected> (Incomplete fix for CVE-2020-15565 not applied)
https://xenbits.xen.org/xsa/advisory-366.html
Mark the first 4.14.x version which landed in unstable as fixed, though the issue more precisely only affects Xen versions up to 4.11 with a version containing the broken backport for XSA-321 / CVE-2020-15565.
