Jun 17

Xen privilege escalation vulnerability on Intel CPU – CVE-2012-0217

I’ve just built and rolled out packages that have been patched against this.

If you are running Xen on a 64-bit machine, please make sure you update to 4.1.2-8 ASAP.

From the Xen-Announce post:

ISSUE DESCRIPTION
=================

Rafal Wojtczuk has discovered a vulnerability which can allow a 64-bit
PV guest kernel running on a 64-bit hypervisor to escalate privileges
to that of the host by arranging for a system call to return via
sysret to a non-canonical RIP. Intel CPUs deliver the resulting
exception in an undesirable processor state.

IMPACT
======

Guest administrators can gain control of the host.

Depending on the particular guest kernel it is also possible that
non-privileged guest user processes can also elevate their privileges
to that of the host.

I’ve also patched for CVE-2012-2934 – although this probably won’t hit anyone…
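To make the "non-canonical RIP" in the advisory quoted above concrete, here is an added example (not code from this post or from the Xen patch) of the canonical-address test and a guard that returns through iret instead of sysret when the saved guest RIP fails it. The names `is_canonical`, `choose_return_path` and `enum ret_path` are hypothetical, and the sample addresses are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names for illustration; these are not Xen identifiers. */
enum ret_path { RET_SYSRET, RET_IRET };

/* An x86-64 address is canonical when bits 63..(va_bits-1) are all copies
 * of bit (va_bits-1). va_bits is 48 with 4-level paging, 57 with 5-level. */
static bool is_canonical(uint64_t addr, unsigned va_bits)
{
    if (va_bits < 1 || va_bits > 64)
        return false;
    uint64_t upper    = addr >> (va_bits - 1);       /* sign bit and above */
    uint64_t all_ones = UINT64_MAX >> (va_bits - 1); /* same width, all 1s */
    return upper == 0 || upper == all_ones;
}

/* Guard: only take the sysret fast path when the return address is
 * canonical. Otherwise fall back to iret, so that the fault for the bad
 * address is not raised by sysret itself. */
static enum ret_path choose_return_path(uint64_t guest_rip, unsigned va_bits)
{
    return is_canonical(guest_rip, va_bits) ? RET_SYSRET : RET_IRET;
}

int main(void)
{
    /* Constructed sample values around both edges of the 48-bit hole. */
    const uint64_t samples[] = {
        0x0000000000401000ULL, /* ordinary user-space address            */
        0x00007FFFFFFFFFFFULL, /* last canonical lower-half address      */
        0x0000800000000000ULL, /* first non-canonical address            */
        0xFFFF7FFFFFFFFFFFULL, /* last non-canonical address             */
        0xFFFF800000000000ULL, /* first canonical upper-half address     */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum ret_path p = choose_return_path(samples[i], 48);
        printf("%#018llx -> %s\n", (unsigned long long)samples[i],
               p == RET_SYSRET ? "sysret" : "iret");
    }
    return 0;
}
```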
