CVE-2012-4411
guest administrator can access qemu monitor console
A guest administrator who is granted access to the graphical console of a Xen guest can access the qemu monitor. The monitor can be used to access host resources.
privilege uncheck?
inaccessible
A malicious guest administrator can access host resources (perhaps belonging to other guests or the underlying system) and may be able to escalate their privilege to that of the host.
privilege escalation