Xen 'dma _ pte_clear_one () 'Function Local Privilege Escalation Vulnerability
Release date:
Updated on:
Affected Systems:
XenSource Xen
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63830
Xen is an open-source Virtual Machine monitor developed by the University of Cambridge.
Xen has the local permission Escalation Vulnerability in the implementation of the 'dma _ pte_clear_one () 'function. If a local attacker can access the client operating system, the attacker can exploit this vulnerability to gain elevated permissions.
<* Source: vendor
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
XenSource
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lists.xen.org/archives/html/xen-announce
Recommended reading:
How does XenServer add local storage?
Enable and configure the SNMP service for Citrix XenServer
Install XS-Tools (XenServer) in CentOS/Linux)
XenServer Tutorial: How to Implement hot migration