Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xen xen 4.7.0 |
||
xen xen 4.6.3 |
||
xen xen 4.5.3 |
Triple whammy of bugs in popular open-source platform
Analysis The Xen project has today patched four security bugs in its open-source hypervisor – three potentially allowing guest virtual machines to take over their host servers. The other programming cockup allows a guest to crash the underlying machine. This is not great news for cloud providers or anyone else running untrusted VMs on their hardware and relying on Xen, because the three holes can be exploited by malicious guests to escape their confines and attack other virtual machines or the...