xsa188 module

This module triggers host crash on vulnerable Xen 4.4

Reference:

• Proof-of-concept module for Xen XSA-188

  • CVE-2016-7154: “use after free in FIFO event channel code”

  • Discovered by Mikhail Gorobets

Usage:

chipsec_main.py -m tools.vmm.xen.xsa188

Examples:

>>> chipsec_main.py -i -m tools.vmm.xen.xsa188

Note

• Returns a Warning by default

• System may be in an unknown state, further evaluation may be needed

Important

• This module is designed to run in a VM environment

• Behavior on physical HW is undefined