Freely subscribe to our NEWSLETTER

Security Vulnerability

Vigil@nce - Xen: infinite loop of hugetlbfs

April 2016 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker in a PV guest system can generate an infinite loop via
hugetlbfs of Xen, in order to trigger a denial of service on the
host system.

Impacted products: Fedora, Linux, Xen.

Severity: 1/4.

Creation date: 14/04/2016.

DESCRIPTION OF THE VULNERABILITY

The Xen product can be installed on the Linux kernel with the
support of hugetlbfs (large pages) enabled.

However, a PV guest can use these hugetlbfs, and trigger an
infinite error loop on the host system.

An attacker in a PV guest system can therefore generate an
infinite loop via hugetlbfs of Xen, in order to trigger a denial
of service on the host system.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/Xen-infinite-loop-of-hugetlbfs-19384

See previous articles

See next articles

Security Vulnerability

All our news in english

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

Subscribe

Freely subscribe to our NEWSLETTER

See previous articles

See next articles

Security Vulnerability

All our news in english

Alle unsere News auf deutsch

Your podcast Here

All new podcasts

Global Security Mag Copyright 2011