Newsworthy, because it appears that the bug and patch were released accidentally before the big Xen operators such as Amazon Web Services have had time to deal with it.
There's been a variety of Xen project vulnerabilities this year- just click on the blue Xen tag button to see them.
Thanks for sharing the link to the XEN PROJECT advisory and the patch.
Security Forum
Share security advice on our community forum. Ask questions, post news and best practices.
16
Xen Project: Malicious guest could cause repeated logging to the hypervisor console (CVE-2015-8615)
Fix for bug was publicly posted on xen-devel, before public knowledge of security bug
Post by: David Moore
Tweet
Upvoted By:
Thank you for posting a comment.
Newsworthy, because it appears that the bug and patch were released accidentally before the big Xen operators such as Amazon Web Services have had time to deal with it.
There's been a variety of Xen project vulnerabilities this year- just click on the blue Xen tag button to see them.
Thanks for sharing the link to the XEN PROJECT advisory and the patch.
Security Forum