Jérémie Boutoille has a new blog post with information on Xen, with a video at the beginning for those who are too busy to read the entire article:
Xen exploitation part 1: XSA-105, from nobody to root
This blog post describes the exploitation of Xen Security Advisory 105 (XSA-105) (CVE-2014-7155). This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5. We are not aware of any public exploit for this vulnerability, although Andrei Lutas wrote excellent articles describing the root cause of the vulnerability and how to trigger it. This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5 (it probably works with many others versions). […]
http://blog.quarkslab.com/xen-exploitation-part-1-xsa-105-from-nobody-to-root.html
Firmware Security 