Privilege Escalation via Hypercall Access in Xen

Privilege Escalation via Hypercall Access in Xen

CVE-2013-4554 · MEDIUM Severity

AV:A/AC:L/AU:S/C:P/I:P/A:P

Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

Learn more about our User Device Pen Test.