FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-kernel -- x86: Privilege escalation in PV guests

Affected packages
xen-kernel < 4.7.0_3

Details

VuXML ID 032aa524-5854-11e6-b334-002590263bf5
Discovery 2016-07-26
Entry 2016-08-02

The Xen Project reports:

The PV pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases (e.g. clearing only Access/Dirty bits). The bits considered safe were too broad, and not actually safe.

A malicious PV guest administrator can escalate their privilege to that of the host.

References

CVE Name CVE-2016-6258
FreeBSD PR ports/211482
URL http://xenbits.xen.org/xsa/advisory-182.html