Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host (itnews.com.au)

← Back to Stories (view on slashdot.org)

Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host (itnews.com.au)

Posted by EditorDavid on Saturday July 30, 2016 @06:35AM from the exploit-XSA-182 dept.

Slashdot reader Noryungi writes: Qubes OS certainly has an intriguing approach to security, but a newly discovered Xen vulnerability allows a hacker to escape a VM and own the host. If you are running Qubes, make sure you update the dom0 operating system to the latest version.
"A malicious, paravirtualized guest administrator can raise their system privileges to that of the host on unpatched installations," according to an article in IT News, which quotes Xen as saying "The bits considered safe were too broad, and not actually safe." IT News is also reporting that Qubes will move to full hardware memory virtualization in its next 4.0 release. Xen's hypervisor "is used by cloud giants Amazon Web Services, IBM and Rackspace," according to the article, which quotes a Qubes security researcher who asks the age-old question. "Has Xen been written by competent developers? How many more bugs of this caliber are we going to witness in the future?"

3 of 73 comments (clear)

Min score:

Reason:

Sort:

well, shitlord... by Anonymous Coward · 2016-07-30 06:44 · Score: 4, Insightful

which quotes a Qubes security researcher who asks the age-old question. "Has Xen been written by competent developers? How many more bugs of this caliber are we going to witness in the future?"
Well, "Qubes security researcher", which platform did you choose for your project, and did you audit it fully before making your releases? No?
Which raises the age-old question: Has Qubes been written by competent developers?
1. Re:well, shitlord... by martyros · 2016-07-30 11:10 · Score: 4, Informative
  
  Which raises the age-old question: Has Qubes been written by competent developers?
  What's really rich about that question is that if you read their advisory, the Qubes developers couldn't figure out how to exploit the vulnerability when handed a patch that changes the problematic behavior. If not spotting the issue without having it handed to them makes the Xen developers incompetent, what does that say about the Qubes developers?
  The fact is, though, that the vulnerability is actually quite hard to spot. It's not surprising at all that experienced security researchers would fail to spot it even when given a pretty big clue; much less that the initial developers would fail to spot it.
  
  --
  TCP: Why the Internet is full of SYN.
Re:Really? by phantomfive · 2016-07-30 07:19 · Score: 5, Informative

Show me this type of vulnerability in VMware, any version
Here's one example.

Here's a story showing that VMWare tries to hide their vulnerabilities.

--
"First they came for the slanderers and i said nothing."