SecurityTracker.com
Category:   Application (Generic)  >   Citrix XenServer
Vendors:   Citrix
(Citrix Issues Fix for Citrix XenServer) Xen Buffer Overflow in qemu-dm Lets Local Administrative Users on a Guest System Gain Elevated Privileges on the Host System
SecurityTracker Alert ID:  1034524
SecurityTracker URL:  http://securitytracker.com/id/1034524
CVE Reference:   CVE-2015-8554
Date:  Dec 22 2015
Impact:   User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 6.5 SP1 and prior
Description:   A vulnerability was reported in Xen. A local administrative user on the guest system can gain elevated privileges on the host system. Citrix XenServer is affected.

A local administrative user on the guest system can trigger a buffer overflow in 'qemu-xen-traditional' (i.e., 'qemu-dm') in the processing of MSI-X table entries to execute arbitrary code with the privileges of the QEMU process.

Guest systems that have access to a passed-through PCI device that is MSI-X capable can exploit this flaw.

Systems running only PV guests are affected.

Systems using PCI passthrough are affected.

ARM systems are not affected.

Jan Beulich of SUSE reported this vulnerability.

Impact:   A local administrative user on the guest system can gain elevated privileges on the host system.
Solution:   Citrix has issued a fix for Citrix XenServer.

For 6.5 SP1: CTX204047, CTX204053

For 6.2 SP1: CTX204046, CTX204052

For 6.1: CTX204045, CTX204051

For 6.0.2: CTX204043

For 6.0.2 Common Criteria: CTX204044, CTX204050

For 6.0: CTX204042, CTX204048

The Citrix advisory is available at:

http://support.citrix.com/article/CTX203879

Vendor URL:  support.citrix.com/article/CTX203879
Cause:   Boundary error

Message History:   This archive entry is a follow-up to the message listed below.
Dec 17 2015 Xen Buffer Overflow in qemu-dm Lets Local Administrative Users on a Guest System Gain Elevated Privileges on the Host System



Copyright 2020, SecurityGlobal.net LLC