Vulnerability identifier: #VU63307
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: No
Vendor: Xen Project
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to a race condition in the scsifront ring buffer. A malicious backend can exploit the race condition and read or write data or perform a denial of service attack.
Install updates from vendor's website.
Vulnerable software versions
Xen: All versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?