Xen privilege escalation vulnerability on Intel CPU - CVE-2012-0217



I've just built and rolled out packages that have been patched against this. If you are running Xen on a 64 bit machine, please make sure you update to 4.1.2-8 ASAP. From the Xen-Announce post:

ISSUE DESCRIPTION ================= Rafal Wojtczuk has discovered a vulnerability which can allow a 64-bit PV guest kernel running on a 64-bit hypervisor to escalate privileges to that of the host by arranging for a system call to return via sysret to a non-canonical RIP. Intel CPUs deliver the resulting exception in an undesirable processor state. IMPACT ====== Guest administrators can gain control of the host. Depending on the particular guest kernel it is also possible that non-privileged guest user processes can also elevate their privileges to that of the host.
I've also patched for CVE-2012-2934 - although this probably won't hit anyone...

Comments


Comments powered by Disqus