Xen project Mailing List

Re: [Xen-devel] Intel Security Issue

To: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>

From: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>

Date: Mon, 25 Jun 2012 11:13:16 +0100

Cc: Rolu <rolu@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>

Delivery-date: Mon, 25 Jun 2012 10:14:04 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Sun, Jun 24, 2012 at 8:06 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote: > > On 24/06/2012 20:01, Rolu wrote: >> >> On Sun, Jun 24, 2012 at 8:42 PM, Jonathan Tripathy<jonnyt@xxxxxxxxxxx> >> wrote: >>> >>> Hi Everyone, >>> >>> Given that a lot of us run "untrusted" DomUs where the Domu administrator >>> has full control over their PV kernel, could this Intel security issue >>> impact the hypervisor and put other DomUs at risk? >>> >>> >>> http://www.theverge.com/2012/6/18/3092949/security-vulnerability-x86-64-intel-processor >>> >> That page links to http://www.kb.cert.org/vuls/id/649219 which links >> to http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html >> which answers your question ;-) >> >> Yes, it's an issue. There are patches. > > Silly me! I've been following the inclusion of that Xen patch as well! I > just didn't put 2+2 together. > > Thanks for your time! Thank you for checking though -- if someone had done the same with the Linux vulnerability in 2006, Xen would have had it fixed a long time ago... -George _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.