This post is about my experience trying to exploit the Xen SYSRET bug (CVE-2012-0217).
This issue was patched in June 2012 and was disclosed in Xen Security Advisory 7 [1]. The bug was found by Rafal Wojtczuk and Jan Beulich. Rafal gave a talk about it at BlackHat USA 2012 [2][3].
Unpatched Xen versions 4.1.2 and earlier are affected. In short, we won, learnt a lot and came up with some novel techniques along the way.
More here: https://www.nccgroup.com/en/blog/2015/02/adventures-in-xen-exploitation/