[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] PV privilege escalation - advisory

On Thu, Jun 14, 2012 at 1:35 PM, Peter Braun <xenware@xxxxxxxxx> wrote:
> Hello,
> we are using 3.4.3 from Gitco.de on 64bit Centos 5.8 and we have PV
> guests 64bit.
> According to described security bug we are in danger.
> What do you suggest? Wait for gitco update or build xen own with patch?

It depends :)

If you use newer AMD processor, it shouldn't matter.
If you control all of your domU, you could probably wait, as it
requires root privilege on domU to trigger the bug.
However if you run (e.g.) a VPS-hosting where other people have
control of the domU, you should build your own upgraded package

FWIW, this is one of the example on how using vendor-provided packages
would be useful. Redhat already released updated that address that


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.