Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xen Xend 不安全存储漏洞
Vulnerability Description
Xen 是一个开放源代码虚拟机监视器。 Xen 3.3.0版本的xend没有限制来客在/local/domain xenstore目录树中VM写入访问,这会允许子操作系统用户通过写入(1) console/tty, (2) console/limit,或(3) image/device-model-pid,以引起拒绝服务并可能具有未明的其他影响。注意: 该漏洞之所以存在是因为CVE-2008-4405错误的补丁。
CVSS Information
N/A
Vulnerability Type
N/A