xen-kernel -- PV superpage functionality missing sanity checks
The Xen Project reports:
The PV superpage functionality lacks certain validity checks on
data being passed to the hypervisor by guests. This is the case
for the page identifier (MFN) passed to MMUEXT_MARK_SUPER and
MMUEXT_UNMARK_SUPER sub-ops of the HYPERVISOR_mmuext_op hypercall as
well as for various forms of page table updates.
Use of the feature, which is disabled by default, may have unknown
effects, ranging from information leaks through Denial of Service to
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright