XSA-221

Advisory: XSA-221

The upstream change fbbd5009e6 neglected to check that ports were suitably initialised before dereferencing their structure.

Attempt to poll each event channel port (with a 1ns timeout). If Xen is vulnerable, it should hit a NULL pointer (which for PV guests, will either take a SMAP fault or hit the XTF unmapped page at NULL).

If Xen is fixed, it will survive until the end of the loop.

See also

tests/xsa-221/main.c