Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Linux kernel, Xen: privilege escalation via PV Backend Driver

February 2016 by Vigil@nce

This bulletin was written by Vigil@nce : https://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker, who is administrator in a guest system, can access to
the memory of the PV Backend Driver of Xen, in order to escalate
his privileges on the host system.

Impacted products: Debian, Fedora, Linux, NetBSD, openSUSE,
openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Xen.

Severity: 2/4.

Creation date: 17/12/2015.

DESCRIPTION OF THE VULNERABILITY

The Xen product uses PV Backend drivers.

However, due an optimization by the compiler, the Frontend can
access to the Backend memory.

An attacker, who is administrator in a guest system, can therefore
access to the memory of the PV Backend Driver of Xen, in order to
escalate his privileges on the host system.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Linux-kernel-Xen-privilege-escalation-via-PV-Backend-Driver-18551


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts