Patch/Configuration Management, Vulnerability Management

Xen hypervisor vulnerability found

A bug impacting all versions of open source Xen hybervisor that could allow an attacker to gain host privileges has been reported.

Quarkslab researcher Jérémie Boutoille discovered and made the initial report on the issue, which carries the Xen Security Advisory XSA 182 (CVE-2016-6258).

“The PV (paravirtualization) pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases (e.g. clearing only Access/Dirty bits).  The bits considered safe were too broad, and not actually safe,” the advisory states.

This could allow a malicious PV guest administrator to escalate their privilege to that of the host, Xen said. The vulnerability is only exposed to guests on x86 hardware.

Xen reported the problem is in the hypervisor code saying this problem is very similar to the critical XSA 148 bug that was disclosed last year.

A patch is available here.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.