PT-2015-2192 · Xen+1 · Qemu-Xen+3

Lin Liu

·

Published

2015-10-01

·

Updated

2024-06-15

·

CVE-2015-7311

CVSS v2.0

3.6

Low

Vector AV:L/AC:L/Au:N/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions: libxl in Xen 4.1.x through 4.6.x, for domains whose disks are provided by the qemu-xen device model.
Description: libxl, the Xen toolstack library, accepts a read-only flag on a disk (access = r or ro in the domain configuration) but does not pass it on to the qemu-xen device model, so the disk is presented to the guest as writable. A local user inside the guest can therefore modify a disk image that the host administrator intended to expose read-only, for example a shared golden image or an image attached to several guests at once. Only domains using qemu-xen are affected; the qemu-xen-traditional device model enforces the flag. The CVSS v2 score of 3.6 (AV:L) reflects that the attacker must already have access inside the guest and that confidentiality is not affected, but the integrity impact on the host side can be larger than the score suggests if the same image is shared between guests or reused for provisioning.
Recommendations: apply the vendor updates referenced in the related identifiers below (DSA-3414-1 for Debian, MGASA-2016-0098 for Mageia, the listed SUSE and openSUSE updates); the upstream fix is Xen advisory XSA-142. Note that the fix makes libxl refuse to start a domain that requests a read-only non-cdrom emulated disk under qemu-xen, instead of silently providing it writable, so domain configurations that relied on such disks must be adjusted after updating. Until the update is applied, do not attach disks that must remain read-only to domains running under qemu-xen, or run those domains with device_model_version = "qemu-xen-traditional". Verify the device model in use from the domain configuration rather than assuming it, since qemu-xen is the default for HVM domains. Treat any read-only image that has already been exposed to an untrusted guest through qemu-xen as possibly modified, and check it against a known-good checksum before reusing it.
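One way to find the affected configurations on a host is to audit the xl domain configuration files for read-only disks on domains that use qemu-xen. The following script is an added example for this entry, not code from the Xen project. It assumes the xl.cfg(5) syntax shown in the constructed SAMPLE_CFG, that an HVM domain without an explicit device_model_version uses qemu-xen, and that devtype=cdrom entries are out of scope; the handling of the deprecated "phy:target,vdev,access" positional form is a heuristic, not the libxl parser.

```python
"""Audit xl domain configuration files for the situation CVE-2015-7311
describes: a read-only disk attached to a domain whose emulated disks are
provided by the qemu-xen device model.

Added example for this entry; it is not code from the Xen project.
Assumptions not stated on this page: configs use xl.cfg(5) syntax as in
SAMPLE_CFG, an HVM domain without device_model_version uses qemu-xen,
and devtype=cdrom entries are out of scope for the report.
"""
import ast
import re

# `key = value` where value is a Python-style literal (possibly multi-line)
_ASSIGN = re.compile(r'^([A-Za-z_]\w*)\s*=\s*(.+)$', re.S)
# deprecated xend-style backend prefixes on a positional target
_DEPR_PREFIX = re.compile(r'^(phy|file|tap2?):')
_KEYVAL = re.compile(r'^([a-z][a-z-]*)=(.*)$')
READONLY_ACCESS = ('r', 'ro')


def parse_xl_config(text):
    """Parse xl config assignments into a dict, joining bracketed lists
    that span several lines. Trailing '#' comments are stripped (assumes
    no '#' inside quoted values)."""
    cfg, buf, depth = {}, '', 0
    for raw in text.splitlines():
        line = raw.split('#', 1)[0]
        if not line.strip() and depth == 0:
            continue
        buf += line + '\n'
        depth += line.count('[') - line.count(']')
        if depth > 0:
            continue                      # still inside a list literal
        m = _ASSIGN.match(buf.strip())
        buf, depth = '', 0
        if not m:
            continue
        try:
            cfg[m.group(1)] = ast.literal_eval(m.group(2))
        except (ValueError, SyntaxError):
            cfg[m.group(1)] = m.group(2)  # keep unparsable values verbatim
    return cfg


def parse_disk_spec(spec):
    """Split one disk string into target/format/vdev/access/devtype.
    Accepts key=value parameters, the xl positional order
    'target,format,vdev,access', the bare word 'cdrom', and (heuristic
    assumption) the deprecated 'phy:target,vdev,access' form."""
    disk = {'target': '', 'format': '', 'vdev': '', 'access': 'rw', 'devtype': 'disk'}
    positional = []
    for part in (p.strip() for p in spec.split(',')):
        kv = _KEYVAL.match(part)
        if kv:
            disk[kv.group(1)] = kv.group(2)
        elif part == 'cdrom':
            disk['devtype'] = 'cdrom'
        else:
            positional.append(part)
    if positional:
        first = positional[0]
        if _DEPR_PREFIX.match(first):
            disk['target'] = _DEPR_PREFIX.sub('', first)
            names = ['vdev', 'access']
        else:
            disk['target'] = first
            names = ['format', 'vdev', 'access']
        for name, value in zip(names, positional[1:]):
            if value:                     # empty positional keeps the default
                disk[name] = value
    return disk


def readonly_qemu_xen_disks(cfg):
    """Return [(vdev, target)] for non-cdrom disks marked read-only on a
    domain whose emulated disks come from qemu-xen. Returns [] for
    non-HVM domains and for qemu-xen-traditional, which this entry does
    not cover."""
    is_hvm = cfg.get('builder', cfg.get('type', 'pv')) == 'hvm'
    dm = cfg.get('device_model_version', 'qemu-xen' if is_hvm else None)
    if not is_hvm or dm != 'qemu-xen':
        return []
    disks = cfg.get('disk', [])
    if isinstance(disks, str):
        disks = [disks]
    findings = []
    for spec in disks:
        d = parse_disk_spec(spec)
        if d['devtype'] != 'cdrom' and d['access'] in READONLY_ACCESS:
            findings.append((d['vdev'], d['target']))
    return findings


# constructed sample configuration for this example, not a real deployment
SAMPLE_CFG = """\
# constructed sample xl.cfg for this example
name = "hvm-guest"
builder = "hvm"
memory = 1024
disk = [
    'phy:/dev/vg0/hvm-root,hda,w',
    'file:/srv/xen/golden-image.img,hdb,r',
    '/srv/xen/tools.iso,,hdc,cdrom',
    'format=raw,vdev=hdd,access=ro,target=/srv/xen/shared-data.img',
]
"""

if __name__ == '__main__':
    cfg = parse_xl_config(SAMPLE_CFG)
    for vdev, target in readonly_qemu_xen_disks(cfg):
        print(f"{cfg['name']}: {vdev} -> {target} is read-only in the config "
              "but writable to the guest under unpatched qemu-xen")
```

Running it over the sample reports hdb and hdd; hda is writable by design and hdc is a cdrom, which is left out of the report. On a real host, feed each file under /etc/xen/ (or wherever the configurations live) to parse_xl_config and act on every non-empty result, either by switching the domain to qemu-xen-traditional or by removing the read-only disk until the update is applied.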
Found a problem in the description? Have something to add? Feel free to write to us 👾

Weakness Enumeration

Related identifiers

BDU:2015-11538
CVE-2015-7311
DSA-3414-1
MGASA-2016-0098
OPENSUSE-SU-2015_1964-1
OPENSUSE-SU-2015_2003-1
OPENSUSE-SU-2016_0124-1
OPENSUSE-SU-2024:10196-1
SUSE-SU-2015:1853-1
SUSE-SU-2015:1894-1
SUSE-SU-2015:1908-1
SUSE-SU-2015:2324-1
SUSE-SU-2015:2326-1
SUSE-SU-2015:2328-1
SUSE-SU-2015:2338-1

Affected products

Suse
Xen
Libxl
Qemu-Xen