none (yet) assigned
unexpected pitfall in xenaccess API
A test/example program, for exercising the Xen memaccess API, does not take all necessary precautions against hostile guest behaviour.
在调用Xen memaccess API（一个helper API，默认不会被使用）的时候，会有一些之前没有被注意的漏洞。
tests/xen-access: Use helper API to setup ring and enable mem_access Prior to this patch, xen-access was setting up the ring page in a way that would give a malicous guest a window to write in to the shared ring page. This patch fixes this by using the helper API that does it safely on behalf of xen-access.
Deployments of software inspired by, or derived from, xen.git/tools/tests/xen-access/xen-access.c, may be vulnerable to privilege escalation by a malicious guest administrator.
xen-access is a test/example program and is not, without modification, useful in production. It is not built or installed by default.
not by default