SecurityTracker.com
Category:   Application (Generic)  >   Xen
Vendors:   Xen Project
Xen VPMU Feature May Let Local Users Deny Service, Obtain Information, and Gain Elevated Privileges
SecurityTracker Alert ID:  1034230
SecurityTracker URL:  http://securitytracker.com/id/1034230
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Nov 24 2015
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, User access via local system
Vendor Confirmed:  Yes  
Version(s): 3.3 and after
Description:   A vulnerability was reported in Xen. A local user on the guest system may be able to cause denial of service conditions, obtain potentially sensitive information, or gain elevated privileges on the host system.

A local user on the guest system can invoke the unsupported virtual Performance Measurement Unit (VPMU) feature with unknown effects that may include denial of service, information disclosure, or privilege escalation.

Systems with the VPMU feature enabled are affected.

x86 systems are affected.

On versions prior to 4.6, only HVM guests can invoke the VPMU feature. On versions 4.6 and after, all guest systems can invoke the VPMU feature.

Impact:   A local user on the guest system can cause denial of service conditions on the host system.

A local user on the guest system can gain elevated privileges on the host system.

A local user can obtain potentially sensitive information on the target system.

Solution:   The vendor has issued a patch that documents the vulnerability but does not correct it. The vendor advises users to not enable VPMU support (by omitting the "vpmu" hypervisor command line option).

The vendor's advisory is available at:

http://xenbits.xen.org/xsa/advisory-163.html
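
A way to check a host against this advice, as an added example that is not part of the advisory or the vendor's code: the function below decides whether a hypervisor command line leaves VPMU enabled. It assumes the boolean spellings from Xen's command-line documentation and that `xl info` reports a `xen_commandline` field; the sample command lines are constructed.

```shell
#!/bin/sh
# Added example: report whether a Xen hypervisor command line turns VPMU on.
# Assumption: "no-vpmu" and vpmu=0/no/off/false/disable turn it off; any other
# form ("vpmu", "vpmu=1", "vpmu=bts", ...) turns it on. The last option wins.

vpmu_enabled() {
    # $1 = hypervisor command line; returns 0 if VPMU ends up enabled
    state=off
    set -f                      # no glob expansion while splitting options
    for opt in $1; do
        case "$opt" in
            no-vpmu) state=off ;;
            vpmu)    state=on ;;
            vpmu=*)
                case "${opt#vpmu=}" in
                    0|no|off|false|disable) state=off ;;
                    *)                      state=on ;;
                esac ;;
        esac
    done
    set +f
    [ "$state" = on ]
}

# Constructed sample command lines (not taken from a real host).
for sample in "dom0_mem=4096M vpmu=bts console=vga" \
              "dom0_mem=4096M console=vga" \
              "vpmu no-vpmu"; do
    if vpmu_enabled "$sample"; then
        echo "ENABLED : $sample"
    else
        echo "disabled: $sample"
    fi
done

# On a Xen host, check the command line the hypervisor was booted with.
if command -v xl >/dev/null 2>&1; then
    live=$(xl info 2>/dev/null | sed -n 's/^xen_commandline *: *//p')
    if vpmu_enabled "$live"; then
        echo "WARNING: VPMU is enabled on this host: $live"
    fi
fi
```

The running command line shows the current state only; the bootloader entry that supplies the hypervisor options needs the same check so the setting does not return on reboot.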

Vendor URL:  xenbits.xen.org/xsa/advisory-163.html
Cause:   Access control error
Underlying OS:  Linux (Any)

Message History:   None.


Copyright 2021, SecurityGlobal.net LLC