Hi Shaunm001,
Thanks for your reply. Based on my research, when you enable DMA in the host, it will not cascade to the virtual machine. Kernel DMA Protection protects against external peripherals gaining unauthorized access to memory. Physical threats such as drive-by Direct Memory Access (DMA) attacks typically happen quickly while the system owner isn't present. PCIe hot plug devices such as Thunderbolt, USB4, and CFexpress allow users to attach new classes of external peripherals, including graphics cards or other PCI devices, to their PCs with the plug-and-play ease of USB. Because PCI hot plug ports are external and easily accessible, devices are susceptible to drive-by DMA attacks.
Kernel DMA Protection (Memory Access Protection) for OEMs | Microsoft Learn
Best Regards,
Ian Xue
If the Answer is helpful, please click "Accept Answer" and upvote it.