Xen Security Advisory - XSA 108 - http://xenbits.xen.org/xsa/advisory-108.html

Published: 2014-10-01. Last Updated: 2014-10-01 23:04:53 UTC
by Russ McRee (Version: 1)
2 comment(s)

Xen has issued an advisory and a related patch to address an issue that allows a "buggy or malicious HVM guest to crash the host or read data relating to other guests or the hypervisor itself."

Xen 4.1 and onward are vulnerable, only x86 systems are vulnerable. ARM systems are not vulnerable.

Applying the patch resolves this issue.

Keywords: xen
2 comment(s)

Comments

This undoubtedly was the reason why Amazon and Rackspace decided to reboot their worlds last week. And why the Softlayer data center in the Pacific Northwest crashed and burned at 3 PM today. We were down for an hour after they applied the patch.
Yes, rackspace notified me earlier today that the Xen issue was the reason for the restart, and apologized for the short notice.

"When we learned of the security issue and realized its significance early last week, our engineers worked with our Xen partners to develop and test a patch, and organize a reboot plan. The patch wasn’t ready until the evening of Friday, Sept. 26. And the technical details of the vulnerability were scheduled to be publicly released on Wednesday, Oct. 1."

They had announced earlier that the reboot was coming for security reasons, but did not specify Xen. They did mention that someone else had:

"Another major cloud provider did attribute its reboot to security problems with Xen, which put all users of the affected versions of that hypervisor at heightened risk."

Diary Archives