Vulnerability Details CVE-2024-31146
When multiple devices share resources and one of them is to be passed
through to a guest, security of the entire system and of respective
guests individually cannot really be guaranteed without knowing
internals of any of the involved guests. Therefore such a configuration
cannot really be security-supported, yet making that explicit was so far
missing.
Resources the sharing of which is known to be problematic include, but
are not limited to
- - PCI Base Address Registers (BARs) of multiple devices mapping to the
same page (4k on x86),
- - INTx lines.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.8%
CVSS Severity
CVSS v3 Score 7.5
References