Vigil@nce - Xen: denial of service via Kernel
May 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker, who is administrator in a guest system, can enlarge
the kernel size, in order to create a denial of service on the
host system.
Severity: 1/4
Creation date: 23/05/2012
IMPACTED PRODUCTS
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The Linux kernel is stored in a file (vmlinuz) which can be
compressed with bzip2. When the system starts, this kernel in
uncompressed.
However, if data are added and the end of the vmlinuz file, and if
this file is larger than the allocated RAM for the guest system,
the host system consumes resources to start this kernel.
An attacker, who is administrator in a guest system, can therefore
enlarge the kernel size, in order to create a denial of service on
the host system.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-denial-of-service-via-Kernel-11650