Vigil@nce - Xen: information disclosure via handle_xyz_io
March 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can read a memory fragment via the handle_xyz_io
functions of Xen, in order to obtain sensitive information.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 05/03/2015
DESCRIPTION OF THE VULNERABILITY
The Xen product emulates elements of an x86 system.
However, the handle_pit_io(), handle_pmt_io() and
handle_rtc_io()XYZ functions do not initialize a memory area
before returning it to the user.
A local attacker can therefore read a memory fragment via the
handle_xyz_io functions of Xen, in order to obtain sensitive
information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-information-disclosure-via-handle-xyz-io-16320