|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] PV privilege escalation - advisory
I'd also love to know if this instruction is available if VT is disabled. Basically, I run ~25 PV Linux domUs none of which has an old kernel and 1 HVM. (A FreeBSD box, with a user that I do not have to worry about) A malicious user could probably remove the bugfix from his linux kernel version and have a happy ride again, so this, well, sucks. Flipping something in BIOS would make me a lot happier. 2012/6/14 Jonathan Tripathy <jonnyt@xxxxxxxxxxx>: >>> From a brief look this vulnerability does not impact the hypervisor.. >>> right ? >> >> The bug is on the hypervisor as well: >> https://bugzilla.redhat.com/show_bug.cgi?id=813428 >> >> > My understanding is that this is *only* a hypervisor issue, *not* a kernel > issue. The only reason why an updated RHEL kernel-xen package fixes this, is > because the kernel-xen package includes the Xen hypervisor. I've always > thought the RHEL package name "kernel-xen" was misleading. They should have > called it something like "xen-server" or something. > > Please someone correct me if I'm wrong Don't know :> -- the purpose of libvirt is to provide an abstraction layer hiding all xen features added since 2006 until they were finally understood and copied by the kvm devs. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |