漏洞标题
N/A
漏洞描述信息
Xenstore:合作 guests 可以创建任意数量节点。
[此CNA信息记录与多个CVE相关;文本解释了哪些方面/漏洞对应于哪个CVE。]
自从解决了XSA-322问题,已删除的域名拥有的Xenstore节点将修改为由Dom0拥有。这将允许两个恶意 guests 一起创建任意数量的Xenstore节点。这是通过域A允许域B写入到域A本地的Xenstore树来实现的。域B 然后将创建许多节点并重启。域B 创建的节点现在将属于Dom0。
通过重复这个过程无数次,可以创建任意数量的节点,因为Dom0节点的数量不受Xenstore容量限制。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working together to create an arbitrary number of Xenstore nodes. This is possible by domain A letting domain B write into domain A's local Xenstore tree. Domain B can then create many nodes and reboot. The nodes created by domain B will now be owned by Dom0. By repeating this process over and over again an arbitrary number of nodes can be created, as Dom0's number of nodes isn't limited by Xenstore quota.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Xen 安全漏洞
漏洞描述信息
Xen是英国剑桥(Cambridge)大学的一款开源的虚拟机监视器产品。该产品能够使不同和不兼容的操作系统运行在同一台计算机上,并支持在运行时进行迁移,保证正常运行并且避免宕机。 Xen Xenstore存在安全漏洞,该漏洞源于两个恶意访客可以一起创建任意数量的节点,可能会导致内存不足,从而导致拒绝服务(DoS)。
CVSS信息
N/A
漏洞类别
其他