Vigil@nce - Xen: infinite loop of hugetlbfs
April 2016 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker in a PV guest system can generate an infinite loop via
hugetlbfs of Xen, in order to trigger a denial of service on the
host system.
Impacted products: Fedora, Linux, Xen.
Severity: 1/4.
Creation date: 14/04/2016.
DESCRIPTION OF THE VULNERABILITY
The Xen product can be installed on the Linux kernel with the
support of hugetlbfs (large pages) enabled.
However, a PV guest can use these hugetlbfs, and trigger an
infinite error loop on the host system.
An attacker in a PV guest system can therefore generate an
infinite loop via hugetlbfs of Xen, in order to trigger a denial
of service on the host system.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Xen-infinite-loop-of-hugetlbfs-19384