Xen contains a flaw is due to an internal flag used to temporarily suppress IOMMU TLB flushes failing to be cleared when certain unspecified error paths occur, which can result in IOMMU TLB flushes failing to be performed. This may allow a local attacker to potentially gain access to stale TLB entries that should have been cleared.