Privilege Escalation in Xen Hypervisor on Intel VT-d Chipsets
CVE-2011-1898

Currently unrated

Key Information:

Vendor: Citrix
Status: Xen
Vendor: CVE Published:; 12 August 2011

Summary

A vulnerability exists in Xen Hypervisor versions 4.1 prior to 4.1.1 and 4.0 prior to 4.0.2 that affects systems using PCI passthrough on Intel VT-d chipsets lacking interrupt remapping. This flaw can be exploited by guest operating system users who have the capability to generate Message Signaled Interrupts (MSI) through Direct Memory Access (DMA) by manipulating interrupt injection registers. As a result, these users could potentially gain unauthorized privileges over the host operating system, posing a significant security risk.

References

http://lists.opensuse.org/opensuse-security-announce/2011...

vendor-advisoryx_refsource_SUSE

http://xen.org/download/index_4.0.2.html

x_refsource_CONFIRM

http://xen.1045712.n5.nabble.com/Xen-security-advisory-CV...

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Aug 12, 2011
Vulnerability Reserved
May 4, 2011