Xen 'copy_to_user()' Local Security Bypass Vulnerability

info
discussion
exploit
solution
references

Xen 'copy_to_user()' Local Security Bypass Vulnerability

Xen is prone to a local security-bypass vulnerability that affects PAL emulation.

Local attackers can leverage this issue to access arbitrary memory regions from HVM guest systems. This could allow attackers to obtain potentially sensitive information that could aid in further attacks.

This issue affects Xen 3.1.2 on IA64 platforms; other versions may also be vulnerable.