It is very clear: https://xenbits.xen.org/xsa/advisory-254.html
IMPACT ====== Xen guests may be able to infer the contents of arbitrary host memory, including memory assigned to other guests. VULNERABLE SYSTEMS ================== Systems running all versions of Xen are affected. MITIGATION ========== There is no mitigation for SP1 and SP2. RESOLUTION ========== There is no available resolution for SP1 or SP3. For those unaware - this is a hardware fault. CPUs make use of speculative execution (Spectre) or Pipelines (Meltdown) - both of which can be used to attempt to access illegal memory. The access fails, however, it's possible to use the "stolen" memory before the access-fail is enforced in a way that makes it available on a side-channel (cache in these exploits, but could be anything else like ports/dma) to any non-privileged process. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/13f7549d-5011-4eb5-9396-c2a8e23e0ed4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
