Local Guest Users Can Write to Read-Only Disk Image in Xen 4.1.x through 4.6.x

Local Guest Users Can Write to Read-Only Disk Image in Xen 4.1.x through 4.6.x

CVE-2015-7311 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.

Learn more about our User Device Pen Test.