CVE ID:	CVE-2011-1898
Description:	Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."
Test IDs:	1.3.6.1.4.1.25623.1.0.70551
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1898 http://xen.1045712.n5.nabble.com/Xen-security-advisory-CVE-2011-1898-VT-d-PCI-passthrough-MSI-td4390298.html http://theinvisiblethings.blogspot.com/2011/05/following-white-rabbit-software-attacks.html http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062112.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062139.html SuSE Security Announcement: SUSE-SU-2011:0942 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00018.html SuSE Security Announcement: openSUSE-SU-2011:0941 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00017.html

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: