The Xen Project’s code contributions have grown more than 10% each year. Although growth is extremely healthy for the project as a whole, it has its growing pains. For the…
Monday we closed the poll for the security discussion. Thank you everyone who participated! The process has not turned up a hidden option that everyone agreed on; however, it has…
The Xen Security team recently disclosed a vulnerability, Xen Security Advisory 7 (CVE-2012-0217), which would allow guest administrators to escalate to hypervisor-level privileges. The impact is much wider than Xen; many other operating systems seem to have the same vulnerability, including NetBSD, FreeBSD, some versions of Microsoft Windows (including Windows 7), and possibly Apple OS X.
So what was the vulnerability? It has to do with a subtle difference in the way in which Intel processors implement error handling in their version of AMD’s SYSRET instruction. The SYSRET instruction is part of the x86-64 standard defined by AMD. If an operating system is written according to AMD’s spec, but run on Intel hardware, the difference in implementation can be exploited by an attacker to write to arbitrary addresses in the operating system’s memory. This blog will explore the technical details of the vulnerability.
As I mentioned in the Xen Day post, Xen.org was offered a slot at the Build an Open Source Cloud Day Boston. The Build a Cloud attendees were great. They…
The Xen.org community is currently working on several projects that don’t receive much attention but are critical to the overall success of the Xen hypervisor solution. For example, the Xen…
I have added information and a link to a new project on the Xen.org Project Page: Isolated Execution; project home page is http://isolated-exec.sourceforge.net/. For more information on this project, see…
Joanna Rutkowska and her team presented very interesting insights on Xen security, as well as attacks against it, at this year's Black Hat conference in Las Vegas. In a trilogy…
A new email has been established for anyone finding a security issue with any Xen build. Please send a detailed email of the problem to security@xen.org. This email distribution reaches…