Product: Xen
CPE: cpe:2.3:a:xen:xen:*:*:*:*:*:*:*
Affected versions: >= 4.0
A potential deadlock vulnerability has been identified in Xen hypervisor versions 4.0 and later when Intel IOMMU hardware (VT-d) is used with legacy PCI(-X) device pass-through. The issue arises during interrupt remapping, which requires a lookup of the upstream PCI bridge. This lookup acquires a lock but is performed in an unsafe context, leading to a deadlock. The vulnerability can be exploited by passing certain types of legacy PCI devices to an unprivileged guest, causing a denial-of-service condition that affects the entire host.
Exploiting this vulnerability can cause a deadlock that disrupts the entire host system. While normal use of the affected devices by a privileged domain can also trigger the deadlock, this is not considered a security issue, but rather a regular bug.
To address this vulnerability, avoid passing the affected types of legacy PCI devices to unprivileged guests. Applying the available patch for Xen 4.17.x also resolves the issue.
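As an added example (not part of the original advisory or of Xen's own tooling), the following Python sketch supports the mitigation above by flagging pass-through candidates that expose no PCI Express capability in their configuration space. It assumes a Linux dom0 where assignable devices are bound to the pciback stub driver under /sys/bus/pci/drivers/pciback, and it treats "legacy PCI(-X)" as meaning a function without the PCI Express capability; which of those devices are actually affected is not stated on this page.

```python
import os

CAP_PCIX, CAP_PCIE = 0x07, 0x10      # standard PCI capability IDs

def capability_ids(cfg):
    """Walk the capability list of a type 0/1 configuration-space header."""
    if len(cfg) < 0x40 or not cfg[0x06] & 0x10:    # Status bit 4: list present
        return []
    ids, seen, ptr = [], set(), cfg[0x34] & 0xFC   # 0x34: capabilities pointer
    while ptr >= 0x40 and ptr + 1 < len(cfg) and ptr not in seen:
        seen.add(ptr)                              # stop on a looping list
        ids.append(cfg[ptr])
        ptr = cfg[ptr + 1] & 0xFC
    return ids

def classify(cfg):
    """Return 'pcie', 'legacy-pcix', 'legacy-pci' or 'unknown'."""
    if len(cfg) < 0x40 or (cfg[0x0E] & 0x7F) > 1:  # short read or CardBus header
        return "unknown"
    if cfg[0x06] & 0x10 and len(cfg) == 0x40:
        return "unknown"   # non-root reads stop at 64 bytes, hiding the list
    ids = capability_ids(cfg)
    if CAP_PCIE in ids:
        return "pcie"
    return "legacy-pcix" if CAP_PCIX in ids else "legacy-pci"

def scan(driver_dir="/sys/bus/pci/drivers/pciback"):   # assumed dom0 path
    """Classify every device bound to the pass-through stub driver."""
    found = {}
    if os.path.isdir(driver_dir):
        for bdf in sorted(os.listdir(driver_dir)):
            path = os.path.join(driver_dir, bdf, "config")
            if os.path.isfile(path):
                with open(path, "rb") as fh:
                    found[bdf] = classify(fh.read(256))
    return found

def sample_config(caps):
    """Constructed 256-byte config space holding the given capability IDs."""
    cfg = bytearray(256)
    for i, cap in enumerate(caps):
        off = 0x40 + 0x10 * i
        cfg[0x06], cfg[0x34] = 0x10, 0x40
        cfg[off], cfg[off + 1] = cap, (off + 0x10 if i + 1 < len(caps) else 0)
    return bytes(cfg)

if __name__ == "__main__":
    for bdf, kind in scan().items():
        print(bdf, kind, "(review before assigning to a guest)" if kind.startswith("legacy") else "")
```

Run it as root in dom0; a device reported as legacy-pci or legacy-pcix is one to review before it is assigned to an unprivileged guest.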