CVE-2024-31146 Information

Description

When multiple devices share resources and one of them is to be passed through to a guest security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be security-supported yet making that explicit was so far missing.

Resources the sharing of which is known to be problematic include but are not limited to

• • PCI Base Address Registers (BARs) of multiple devices mapping to the same page (4k on x86)
• • INTx lines.

Reference

https://xenbits.xenproject.org/xsa/advisory-461.html