Описание
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
Меры по смягчению последствий
Where the HVM guest is explicitly configured to use shadow paging (eg
via the hap=0' xl domain configuration file parameter), changing to HAP (eg by setting hap=1') will avoid exposing the vulnerability to
those guests. HAP is the default (in upstream Xen), where the
hardware supports it; so this mitigation is only applicable if HAP has
been disabled by configuration.
(This mitigation is not applicable to PV guests.)
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | xen | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
8.5 High
CVSS3
Связанные уязвимости
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
The shadow-paging feature in Xen through 4.8.x mismanages page referen ...
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
EPSS
8.5 High
CVSS3