Xen Hypervisor Exploit

Posted 9.20.12 by

On September 6th, Threatpost.com reported on an exploit regarding a vulnerability in Xen hypervisors that caused a virtual machine escape. The vulnerability stems from the way intel processors are implementing error handling on a specific instruction within the Xen hypervisor.

This is allowing users to gain privileged access to the VM Dom0, which is the only VM that by default has the ability to interact with the hardware. After getting this privilege, a user could then execute code from Dom0 that could affect any and all other VMs within the hypervisor.

This vulnerability was brought up and patched in June, but a new exploit occurred just last week based on the same issue.

So, why is this such a dangerous exploit? Well, it underlines an inherent flaw in the design of the Xen hypervisor. Anyone looking for a multi-tenant solution for their hosting could really have to deal with some problems that spread across several companies, and because the flaw is built-in, it’s a weak point that could continue to be exploited over and over again.

VMware, another hypervisor, doesn’t have this vulnerability because its setup does not have a VM with access to the hardware, making it a safer option when determining what solution works best for your business.

In short, when shopping around for a shared cloud solution, or if you have an IaaS structure for your company, your hypervisor’s architecture is an important point to research in order to sidestep some potentially serious security issues.

About Otava

Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.

Get in touch with an Otava Rep today – just provide us with a bit of information below to get started and we’ll reach out to you shortly!