[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] PV privilege escalation - advisory

On Thu, Jun 14, 2012 at 3:07 PM, Peter Braun <xenware@xxxxxxxxx> wrote:
> Is there some scenario how to test that our config is affected?

Not that I know of.

> In this article:
> http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/#more-4865
> is being mentioned about linux is affected.

That part is about how other OS, when used on bare metal, is also
vulnerable to the bug. Linux (again, when used in bare metal) should
not be affected by the bug anymore.

> Does this means that guest 2.6.18+ would be not able to abuse?

I'm not sure.

Reading RH's bugzilla page, it SEEMS to be so. Or to be accurate, when
guests uses RHEL's kernel (which contain CVE-2005-1764 and
CVE-2006-0744 fixes), those guests will not be able to abuse that bug.

Since you use centos, I'm not sure what's the best way to confirm. Buy
redhat support, perhaps, and ask them?


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.