Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Xen: write on readonly disks via libxl

November 2015 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker, who is administrator in a guest system, configured with qemu-xen and libxl, can write to disk images of the host system, even if they are configured as read-only.

Impacted products: openSUSE, SUSE Linux Enterprise Desktop, SLES, Xen.

Severity: 2/4.

Creation date: 22/09/2015.

DESCRIPTION OF THE VULNERABILITY

The Xen product can be configured with qemu-xen (instead of qemu-xen-traditional), and can use tools linked to libxl.

However, with this configuration, a disk cannot be mounted as read-only, but libxl does not indicate it.

An attacker, who is administrator in a guest system, configured with qemu-xen and libxl, can therefore write to disk images of the host system, even if they are configured as read-only.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/X...




See previous articles

    

See next articles