Vigil@nce - Xen: memory leak via Nested Virtualization
January 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker, who is an administrator in a guest system, can use
the Nested Virtualization feature, in order to stop the Xen host
system.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 22/01/2013
DESCRIPTION OF THE VULNERABILITY
The Nested Virtualization feature is used to start a virtual
machine inside another virtual machine.
However, when a guest system enables the Nested Virtualization, a
memory area is allocated, but it is never freed.
An attacker, who is an administrator in a guest system, can
therefore use the Nested Virtualization feature, in order to stop
the Xen host system.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-memory-leak-via-Nested-Virtualization-12348