From c56fb35515291009c9c2cf94b248a39cf4687c76 Mon Sep 17 00:00:00 2001 From: Yonghua Huang Date: Fri, 7 Aug 2020 15:55:19 +0800 Subject: [PATCH] doc: update security advisory for v2.1 release Add fixed security vulnerabilities for v2.1 release. Signed-off-by: Yonghua Huang Signed-off-by: David B. Kinder --- doc/asa.rst | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/doc/asa.rst b/doc/asa.rst index 45c3ceef6..b285e008c 100644 --- a/doc/asa.rst +++ b/doc/asa.rst @@ -3,6 +3,23 @@ Security Advisory ################# +Addressed in ACRN v2.1 +************************ + +We recommend that all developers upgrade to this v2.1 release (or later), which +addresses the following security issue that was discovered in previous releases: + +------ + +- Missing access control restrictions in the Hypervisor component + A malicious entity with root access in the Service VM + userspace could abuse the PCIe assign/de-assign Hypercalls via crafted + ioctls and payloads. This attack can result in a corrupt state and Denial + of Service (DoS) for previously assigned PCIe devices to the Service VM + at runtime. + + **Affected Release:** v2.0 and v1.6.1. + Addressed in ACRN v1.6.1 ************************
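Review bot: The new v2.1 entry in doc/asa.rst states "**Affected Release:** v2.0 and v1.6.1." but does not say whether releases earlier than v1.6.1 are also affected, and it gives no tracking reference (a CVE, issue number or fixing commit), so a reader cannot map the advisory onto their own deployment or confirm the fix is present. Suggest stating the affected range explicitly and adding a reference if one exists. In the description, "for previously assigned PCIe devices to the Service VM" would read more clearly as "for PCIe devices previously assigned to the Service VM". The commit message says "Add fixed security vulnerabilities" (plural) while the added text introduces a single "security issue"; the two should agree.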