Integer Overflow Vulnerability in Xen Hypervisor Affects Multiple Versions
CVE-2011-1583
Currently unrated
Summary
Multiple integer overflows in the Xen hypervisor's handling of paravirtualised guest kernel images allow local users to cause a denial of service or potentially execute arbitrary code. The flaws are in the bzimageloader component of the hypervisor, where improper validation of kernel image parameters can trigger buffer overflows during decompression loops and out-of-bounds reads. This can compromise the integrity and availability of virtualized environments.
Timeline
Vulnerability published
Vulnerability Reserved