Vigil@nce - Xen: information disclosure via ARM Kernel
May 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker, who is allowed to alter the kernel of an ARM guest,
can read a fragment of Xen memory, in order to obtain sensitive
information.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 14/05/2014
DESCRIPTION OF THE VULNERABILITY
The Xen product can load an ARM kernel.
However, if the ARM kernel indicates a size larger than the image
size, Xen copies the superior part of its memory to the guest
system.
An attacker, who is allowed to alter the kernel of an ARM guest,
can therefore read a fragment of Xen memory, in order to obtain
sensitive information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-information-disclosure-via-ARM-Kernel-14748