Описание
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- MitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
EPSS
5.6 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ...
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.
EPSS
5.6 Medium
CVSS3
1.9 Low
CVSS2