xen: multiple vulnerabilities

Package(s): xen
CVE #(s): CVE-2008-1945 CVE-2008-1952
Created: October 2, 2008
Updated: May 13, 2009
Description: From the Red Hat alert:

It was discovered that the hypervisor's para-virtualized framebuffer (PVFB) backend failed to validate the frontend's framebuffer description properly. This could allow a privileged user in the unprivileged domain (DomU) to cause a denial of service, or, possibly, elevate privileges to the privileged domain (Dom0). (CVE-2008-1952)

A flaw was found in the QEMU block format auto-detection, when running fully-virtualized guests and using Qemu images written on removable media (USB storage, 3.5" disks). Privileged users of such fully-virtualized guests (DomU), with a raw-formatted disk image, were able to write a header to that disk image describing another format. This could allow such guests to read arbitrary files in their hypervisor's host (Dom0). (CVE-2008-1945)

Alerts:
Ubuntu USN-776-2 2009-05-13
Ubuntu USN-776-1 2009-05-12
Debian DSA-1799-1 2009-05-11
CentOS CESA-2008:0892 2008-10-05
Red Hat RHSA-2008:0892-01 2008-10-01
