Vigil@nce: Xen, denial of service via PVFB
June 2008 by Vigil@nce
A local attacker can create a denial of service by using a long
FrameBuffer.
– Gravity: 1/4
– Consequences: denial of service of service
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 25/06/2008
– Identifier: VIGILANCE-VUL-7909
IMPACTED PRODUCTS
Unix - plateform
DESCRIPTION
The Xen virtualisation software implements PVFB (Para Virtualized
FrameBuffer) in order to propose a FrameBuffer (improved console)
to hosted systems.
When the FrameBuffer size is too big, an error message is
displayed, however, the program continues to use the big value.
This error can be used to reserve all host memory.
A local attacker can thus create a denial of service on the dom0.
CHARACTERISTICS
– Identifiers: CVE-2008-1952, VIGILANCE-VUL-7909
– Url: https://vigilance.aql.fr/tree/1/7909