xen-kernel -- guest 32-bit ELF symbol table load leaking host data
The Xen Project reports:
Along with their main kernel binary, unprivileged guests may
arrange to have their Xen environment load (kernel) symbol tables
for their use. The ELF image metadata created for this purpose has a
few unused bytes when the symbol table binary is in 32-bit ELF
format. These unused bytes were not properly cleared during symbol
A malicious unprivileged guest may be able to obtain sensitive
information from the host.
The information leak is small and not under the control of the
guest, so effectively exploiting this vulnerability is probably
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright