Vigil@nce - Xen: privilege elevation via QEMU Monitor
September 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An administrator of a guest system can use a keyboard shortcut, in
order to access to the QEMU Monitor console, so he can elevate his
privileges on the host.
Impacted products: Debian, Fedora, Unix (platform)
Severity: 2/4
Creation date: 07/09/2012
DESCRIPTION OF THE VULNERABILITY
The QEMU Monitor console is used to:
– obtain information on devices
– change the configuration
– etc.
This console is reachable using keys CTRL and ALT. However, this
keyboard shortcut is not disabled from guest systems, which have a
graphical console.
An administrator of a guest system can therefore use a keyboard
shortcut, in order to access to the QEMU Monitor console, so he
can elevate his privileges on the host.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-privilege-elevation-via-QEMU-Monitor-11922