• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Xen mov_to_rr RID Local Security Bypass Vulnerability

Xen is prone to a local security-bypass vulnerability because it fails to validate user-supplied input.

Local attackers can leverage this issue to read memory from VT-i domains other than the one they have access to. This could allow attackers to obtain potentially sensitive information that could aid in further attacks.

Versions prior to Xen 3.1.2 on IA64 platforms are vulnerable.