Xen starts to suffer security vulnerabilities

VMware products are not the only ones suffering security vulnerabilities. The wider audience the bigger chances to find out developers errors in every software, in every industry.

So after bugs which obliged VMware to release new Workstation 6.0.1, Player 2.0.1, ACE 2.0.1 and Server 1.0.4, it’s now Xen turn.

Quoting from Secunia:

Joris van Rantwijk has reported a vulnerability in Xen, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an input validation error in tools/pygrub/src/GrubConf.py. This can be exploited by “root” users of a guest domain to execute arbitrary commands in domain 0 via specially crafted entries in grub.conf when the guest system is booted.

The vulnerability is reported in Xen 3.0.3. Other versions may also be affected.

Grant only trusted users “root” privileges to guest domains.

Read the whole securiy bulletin at the source.

Since Xen is used as virtualization engine by XenSource, Virtual Iron, Novell and Red Hat, all of their commercial solutions may be affected by the same vulnerability. Check with vendors to confirm this.