FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xen-tools -- Cirrus VGA Heap overflow via display refresh

Affected packages
xen-tools < 4.7.2

Details

VuXML ID af19ecd0-0f6a-11e7-970f-002590263bf5
Discovery 2017-03-14
Entry 2017-03-23

The Xen Project reports:

A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process.

References

CVE Name CVE-2016-9603
URL http://xenbits.xen.org/xsa/advisory-211.html