the stream

details on the Xen exploit

Alexander Bochmann Sunday 09 of April, 2017
Hypervisor exploits seem to be quite popular this year - first VMware with CVE-2017-4903 (which was first announced as only affecting VMware Workstation, but according to the VMware advisory, ESXi is vulnerable too), now Xen (XSA-212).

Google Project Zero has published the details of the exploit.

At this point, the attacker can control a live pagetable, which allows the attacker to map arbitrary physical memory into the guest's virtual address space. This means that the attacker can reliably read from and write to the memory, both code and data, of the hypervisor and all other VMs on the system.