Hypervisor security ero-Xen: How guest VMs can hijack host servers

  • 9 September 2016
  • 0 replies
  • 148 views

Userlevel 7
Badge +54

Triple whammy of bugs in popular open-source platform

 
                       


 
8 Sep 2016 at 20:31, Chris Williams Analysis The Xen project has today patched four security bugs in its open-source hypervisor – three potentially allowing guest virtual machines to take over their host servers. The other programming cockup allows a guest to crash the underlying machine.
 
This is not great news for cloud providers or anyone else running untrusted VMs on their hardware and relying on Xen, because the three holes can be exploited by malicious guests to escape their confines and attack other virtual machines or the system beneath. Linode, for example, has had to patch and reboot its Xen-powered servers today to address the aforementioned flaws. Amazon's AWS is not affected.
 
Full Article

0 replies

Be the first to reply!

Reply