[Always_Anon]

I think you don't understand. Qubes relies on software virtualization in conjunction with hardware assisted virtualization instruction sets. The aforementioned vulnerability existed in Qubes Xen.

[fsflover]

It seems the aforementioned vulnerability (XSA-133) didn't even affect Qubes: https://www.qubes-os.org/security/xsa/. Also, such vulnerabilities were the reason for them to switch to VT-d by default: https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qs....

I'm not an expert, but how could it affect the VT-d even in principle? AFAIK VM escape is impossible with software exploits in this case, only side-channel attacks are.