Security Techniques

Xen exploitation part 1: XSA

Xen exploitation part 1: XSA: This blog post describes the exploitation of Xen Security Advisory 105 (XSA-105) [1] (CVE-2014-7155). This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5.

We are not aware of any public exploit for this vulnerability, although Andrei Lutas wrote excellent articles [2] [3] [4] describing the root cause of the vulnerability and how to trigger it. This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5 (it probably works with many others versions).

Standard