Xen Security Advisory CVE-2017-10912 [page transfer may allow PV guest to elevate privilege]

Description:  Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.

Impact: A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

Share