Re: [Xen-devel] Xen Security Advisory 254 - Information leak via side effects of speculative execution

On 01/03/2018 10:30 PM, Xen.org security team wrote:
> VULNERABLE SYSTEMS
> ==================
>
> Systems running all versions of Xen are affected.
>
> For SP1 and SP2, both Intel and AMD are vulnerable.
>
> For SP3, only Intel processors are vulnerable. Furthermore, only
> 64-bit PV guests can exploit SP3 against Xen. PVH and 32-bit PV
> guests cannot exploit SP3.
>
> We believe that ARM is affected, but unfortunately due to the
> accelerated schedule, we haven't been able to get concrete input from
> ARM. We are asking ARM and will publish more information when it is
> available.

There was a question about devicemodel stub domains. Devicemodel stub
domains run in PV mode, so is it still safer to run device models in a
stub domain than in domain 0?

The short answer is, yes, it is still safer to run stub domains than
otherwise.

If an attacker can gain control of the device model running in a stub
domain, it can indeed attempt to use these processor vulnerabilities to
read information from Xen.

However, if an attacker can gain control of a device model running in
domain 0 without deprivileging, the attacker can gain control of the
entire system. Even with qemu deprivileging, the qemu process may be
able to execute speculative execution attacks against the hypervisor.

So although XSA-254 does affect device model stub domains, they are
still safer than not running with a stub domain.

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel