Mandriva Linux Security Advisory - Tavis Ormandy discovered a heap overflow flaw during video-to-video copy operations in the Cirrus VGA extension code that is used in Xen. A malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Tavis Ormandy also discovered insufficient input validation leading to a heap overflow in the NE2000 network driver in Xen. If the driver is in use, a malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain. Steve Kemp found that xen-utils used insecure temporary files within the xenmon tool that could allow local users to truncate arbitrary files. Joris van Rantwijk discovered a flaw in Pygrub, which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully-crafted grub.conf file which could trigger the execution of arbitrary code outside of that domain.
9076c2c1e558f53249d3caac94be7f10d92bcf80c2427453260d6123d770d26bUbuntu Security Notice 527-1 - Joris van Rantwijk discovered that the Xen host did not correctly validate the contents of a Xen guests's grug.conf file. Xen guest root users could exploit this to run arbitrary commands on the host when the guest system was rebooted.
b20366bfd1d1fb2c8d548ccbaca36149c280a32d2dedb03ec5ce0141a24f9566Debian Security Advisory 1384-1 - Several local vulnerabilities have been discovered in the Xen hypervisor packages which may lead to the execution of arbitrary code.
0bad15b2042243424b50123d45cc64805a60da96940fabc1981f391e523354a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed