Title: Multiple MSI mapping issues on x86 CVE: CVE-2017-15590 Issue Description: - Unprivileged guests could access devices they shouldn't, allowing them to disable MSI or MSI-X on any device. - HVM guests could trigger a codepath only meant for PV guests. - Some failure paths could leave inconsistent state. - With XSM enabled, caller and callee of a hook disagreed about the data structure pointed to by a type-less argument. Impact: Malicious or buggy guests may cause the hypervisor to crash, leading to Denial of Service (DoS). Privilege escalation and information leaks are also possible. Vulnerable Systems: All Xen versions from 3.3 and later are vulnerable. Only x86 systems are affected. ARM systems are not affected. Only guests with physical devices assigned can exploit the vulnerability. Mitigation: Not passing through physical devices to untrusted guests can avoid the vulnerability.