cynicalsecurity ->@bsd.network

x86: broken check in memory_exchange() permits PV guest breakout

The XSA-29 fix introduced an insufficient check on XENMEM_exchange
input, allowing the caller to drive hypervisor memory accesses outside
of the guest provided input/output arrays.

IMPACT
======

A malicious or buggy 64-bit PV guest may be able to access all of
system memory, allowing for all of privilege escalation, host crashes,
and information leaks.

http://xenbits.xen.org/xsa/advisory-212.html

Apr 4, 2017 at 1:21pmWeb
Show threadcynicalsecurity ->@bsd.networkApr 4, 2017
And this one definitely affects Qubes… but don't worry and keep taking the tablets.