Menu
Xen patches new virtual-machine escape vulnerability

Xen patches new virtual-machine escape vulnerability

The flaw affects virtualization systems that use QEMU to emulate CD-ROM drives

Illustration of security online

Illustration of security online

A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.

The vulnerability is located in the CD-ROM drive emulation feature of QEMU, an open source hardware emulator that's used by Xen, KVM and other virtualization platforms. The flaw is tracked as CVE-2015-5154 in the Common Vulnerabilities and Exposures database.

The Xen Project released patches for its supported releases Monday and noted that all Xen systems running x86 HVM guests without stubdomains and which have been configured with an emulated CD-ROM drive model are vulnerable.

Successful exploitation can allow a user with access to a guest OS to take over the QEMU process and execute code on the host OS. That violates one of the primary safeguards of virtual machines that is designed to protect the host OS from the actions of a guest.

Fortunately, Xen-based virtualization systems that are not configured to emulate a CD-ROM drive inside the guest OS are not affected, which will probably be the case for most data centers.

The vulnerability is similar to another one reported in May in QEMU's floppy drive emulation code. However, that flaw, which was dubbed Venom, was more serious because the vulnerable code remained active even if the administrator disabled the virtual floppy drive for a virtual machine.

Multiple Linux distributions, including Red Hat Enterprise Linux 7 and SUSE Linux Enterprise 12 received patches for QEMU, KVM or Xen.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags patchesxen projectsecurityExploits / vulnerabilities

Featured

Slideshows

Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
EDGE 2017 - Icebreaker Sessions round 2

EDGE 2017 - Icebreaker Sessions round 2

EDGE guests experience the value of networking at the second round of Icebreaker sessions.. Photos by Maria Stefina

EDGE 2017 - Icebreaker Sessions round 2
Show Comments