From Ring3 to Ring0 - Xen emulator flaws

Bitdefender researcher Andrei Lutas published [download id=”3808″], a whitepaper detailing the exploitation of two distinct vulnerabilities which he discovered in the Xen x86 instruction emulator, also affecting other platforms based on Xen such as XenServer, XenClient, XenClient XT, Amazon and, perhaps (although this has not been tested) Oracle VM and others.
These vulnerabilities are exploitable and could lead to either denial of service at VM level or privilege escalation (from the VM userland to the kernel of the VM system), with the possibility of bypassing Intel Supervisory Mode Execution Prevention.
The vulnerabilities are listed as Xen Security Advisories XSA-105 and XSA-106. Bitdefender researchers strongly recommend applying the relevant patches.
“I would like to take this opportunity to commend the Xen team, who have acted very fast to patch the flaws” commented Bitdefender security researcher Andrei Lutas.
tags
Author
Right now
Top posts
Vulnerabilities Identified in Wyze Cam IoT Device
March 29, 2022
New FluBot and TeaBot Global Malware Campaigns Discovered
January 26, 2022
Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately
December 10, 2021
Bitdefender, Law Enforcement Partnership Saves REvil Victims Half a Billion in Ransom Demand
November 08, 2021
Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware
September 16, 2021
LuminousMoth – PlugX, File Exfiltration and Persistence Revisited
July 21, 2021