CVE-2018-8897 Opens Xen PV Systems Up To Exploit

Written by Michael Larabel in Virtualization on 9 May 2018 at 05:15 AM EDT. 1 Comment
VIRTUALIZATION
Besides kernels being addressed for the newly-disclosed CVE-2018-8897 vulnerability, users of Xen para-virtualization should also run a patched Xen system right away.

This security vulnerability can allow a malicious Xen PV guest with unprivileged rights to escalate their privilege to that of the hypervisor. Fortunately, only Xen PV on x86 is affected and not Xen HVM or PVH guests. Additionally, only x86-based AMD/Intel systems are affected.

The privilege escalation is a bit more eventful than the vulnerable kernels being just subject to denial of service / crashing. More details on the Xen impact and the available patches via XSA-260.
1 Comment
Related News
QEMU 9.0 Released WIth True Multi-Queue Support For VirtIO Block Driver
CoCo VMs On Linux Will Now Panic If RdRand Is Broken To Avoid Catastrophic Conditions
More Efficient VirtIO DRM Driver To Import Scanout Buffers From Other Devices
KVM Virtualization With Linux 6.9 Brings More Optimizations For Intel & AMD
LXD 5.21 LTS Released With UI By Default, AMD SEV Memory Encryption For VMs
VirtualBox KVM Backend Adds Support For SR-IOV Graphics
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Fedora Linux 40 Cleared For Release Next Week
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Fedora Linux 40 Available For Download As A Wonderful Upgrade
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
MPV 0.38 Media Player Released With New Options & Fixes