Re: Xen PV memory virtualization code security issue?

To: Hauke Fath <hf%spg.tu-darmstadt.de@localhost>, port-xen <port-xen%NetBSD.org@localhost>
Subject: Re: Xen PV memory virtualization code security issue?
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
Date: Fri, 30 Oct 2015 06:22:57 -0700

On Oct 30, 12:27pm, Hauke Fath wrote:
} 
} has this 
} 
} <https://raw.githubusercontent.com/QubesOS/qubes-secpack/master/QSBs/qsb-022-2015.txt> 
} (via fefe.de)
} 
} been seen already? 

     Yes, it has.  Our xenkernel packages have all been updated
with the fix, plus several others.

} Relevance for NetBSD/xen?

     This is a bug in the Xen hypervisor itself.  It allows a
malicious PV guest to get access to physical memory.  At that point,
the host and all guests have been fully comprimised.  It is not
directly related to NetBSD/xen except that if NetBSD is running on
a Xen system that has been comprimised, it will be comprimised as
well.

}-- End of excerpt from Hauke Fath

References:
- Xen PV memory virtualization code security issue?
  - From: Hauke Fath

Prev by Date: Xen PV memory virtualization code security issue?
Next by Date: Re: NetBSD v70/amd64 and XEN v45 troubles
Previous by Thread: Xen PV memory virtualization code security issue?
Indexes:

Home | Main Index | Thread Index | Old Index