CVE-2007-4993

Impact:
Important
Public Date:
2007-09-22
Bugzilla:
302801: CVE-2007-4993 xen guest root can escape to domain 0 through pygrub

The MITRE CVE dictionary describes this issue as:

pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.

Find out more about CVE-2007-4993 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Virtualization 5 (xen) RHSA-2007:0323 2007-10-02
Red Hat Enterprise Linux 5 (xen) RHSA-2007:0323 2007-10-02

Mitigation

Last Modified

CVE description copyright © 2017, The MITRE Corporation