CVE-2018-12892

Name of the Vulnerable Software and Affected Versions Xen versions 4.7 through 4.10.x

Description An issue in Xen allows malicious guest administrators or users to write to supposedly read-only disk images. This affects emulated SCSI disks, but not IDE disks or CDROM devices. The vulnerability is present in systems using qemu-xen as the device model version and libxl or libxl-based toolstacks, including xl and libvirt with the libxl driver. The issue is exploitable if the malicious guest administrator has control of the guest kernel or guest kernel command line, especially in environments that support PVHVM.

Recommendations For Xen versions 4.7 through 4.10.x, consider disabling the use of emulated SCSI disks or restricting access to them until a patch is available. As a temporary workaround, avoid using libxl or libxl-based toolstacks, and instead use alternative configurations that do not rely on qemu-xen as the device model version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.