Grant Table Operation Version Check Bypass Vulnerability in Xen 4.2 through 4.5

Grant Table Operation Version Check Bypass Vulnerability in Xen 4.2 through 4.5

CVE-2015-4163 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.

Learn more about our Web Application Penetration Testing UK.