Author Topic: Critical Xen hypervisor flaw endangers virtualized environments  (Read 24 times)

0 Members and 1 Guest are viewing this topic.

Offline Scarlett

  • Updates Moderator
  • *
  • Posts: 22996
Critical Xen hypervisor flaw endangers virtualized environments
« Reply #1 on: April 05, 2017, 08:41:13 PM »
Critical Xen hypervisor flaw endangers virtualized environments
5 April 2017, 6:34 pm



A critical vulnerability in the widely used Xen hypervisor allows attackers to break out of a guest operating system running inside a virtual machine and access the host system's entire memory.

This is a serious violation of the security barrier enforced by the hypervisor and poses a particular threat to multi-tenant data centers where the customers' virtualized servers share the same underlying hardware.

The open-source Xen hypervisor is used by cloud computing providers and virtual private server hosting companies, as well as by security-oriented operating systems like Qubes OS.

The new vulnerability affects Xen 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x and has existed in the Xen code base for over four years. It was unintentionally introduced in December 2012 as part of a fix for a different issue.

To read this article in full or to leave a comment, please click here



Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks