Citrix XenServer QEMU IDE Buffer Overflow Code Execution (CTX201593)
Medium Nessus Plugin ID 85242
Synopsis
The remote host is affected by a code execution vulnerability.

Description
The version of Citrix XenServer running on the remote host is affected by a heap buffer overflow condition in the IDE subsystem of the bundled QEMU software, which is related to I/O buffer access when handling certain ATAPI commands. An attacker, with sufficient privileges in an HVM guest VM, can exploit this issue to execute arbitrary code in the context of the hypervisor process on the host system. Note that exploitation requires the CDROM drive to be enabled on the guest system.

Solution
Apply the relevant hotfix referenced in the vendor advisory.