Privilege Escalation in Xen Hypervisor on Intel VT-d Chipsets
CVE-2011-1898

Currently unrated

Key Information:

Vendor: Citrix
Status: Vendor
CVE Published: 12 August 2011

Summary

A vulnerability exists in Xen Hypervisor 4.1 before 4.1.1 and 4.0 before 4.0.2 that affects systems using PCI passthrough on Intel VT-d chipsets that lack interrupt remapping. A guest operating system user can exploit it by using Direct Memory Access (DMA) to write to the interrupt injection registers and so generate Message Signaled Interrupts (MSI). As a result, these users could potentially gain unauthorized privileges over the host operating system, posing a significant security risk.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
