Security bug found in Xen hypervisor

by | Oct 3, 2014

ETIQUETAS: Cloud-en | Hot news | Security | Xen-en

A vulnerability in Xen hypervisor has broken the security around multi-tenant environments. It allows Xen hardware virtual machines (HVM) to access data storaged in other HVM-based machines that are located in the same hardware. This bug, which has been registered as CVE-2014-7188, also allows to crash the host.

ARM systems and paravirtualization servers (PV) of the Open Source hypervisor haven't been affected. The only vulnerable systems are x86.

Xen Project has published a patch to solve this problem, which affected big companies, such as Amazon or Rackspace, that had to reboot their virtualized servers.




Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

VDI: The most secure environment for hybrid working

Today is Data Privacy Day. The purpose of this date is to raise awareness and promote privacy and data protection best practices. It was initiated by the European Commission, the Council of Europe, and the Data Protection authorities of the European Union’s member states. Their main goal was to drive attention to the importance of privacy, user data protection, and compliance of the General Data Protection Regulation (RGPD). It is a regulation characterized by significant fines for non-compliance since its implementation in 2018.

How to avoid issues with virtual machines

Virtualization comes with a wide range of benefits for organizations. It helps cut IT costs and reduces downtime while increasing efficiency and productivity. It also increases the resiliency of networks, primarily when disasters occur, and promotes more green-friendly operations.

However, using virtual machines also comes with a set of downsides. Information security may get compromised, workloads mixed up, separation duties lost, among other issues. It is vital to know how you can get over these problems, and that’s what this article will discuss.

Let’s get started.


Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content