Clarification on security advisory

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Clarification on security advisory

who.are.you

>
> IMPACT
> ======
>
> Xen guests may be able to infer the contents of arbitrary host memory,
> including memory assigned to other guests.
>

So an exploit utilised within one Dom-U can then go on to exploit another Dom-U. This is easy to read.


>
> Additionally, in general, attacks within a guest (from guest user to
> guest kernel) will be the same as on real hardware.  Consult your
> operating system provider for more information.
>

I really don't understand the meaning of this.
Does this mean that a Dom-U exploit can then go on to exploit the Dom-0 too?
A Dom-U exploit == a baremetal exploit?

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xenproject.org/mailman/listinfo/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Clarification on security advisory

George Dunlap
On Fri, Jan 12, 2018 at 7:30 PM,  <[hidden email]> wrote:

>
>>
>> IMPACT
>> ======
>>
>> Xen guests may be able to infer the contents of arbitrary host memory,
>> including memory assigned to other guests.
>>
>
> So an exploit utilised within one Dom-U can then go on to exploit another Dom-U. This is easy to read.
>
>
>>
>> Additionally, in general, attacks within a guest (from guest user to
>> guest kernel) will be the same as on real hardware.  Consult your
>> operating system provider for more information.
>>
>
> I really don't understand the meaning of this.
> Does this mean that a Dom-U exploit can then go on to exploit the Dom-0 too?
> A Dom-U exploit == a baremetal exploit?

No.  If you're running Linux in an HVM guest, and your Linux kernel
doesn't have the KPTI patches, then a userspace process ("guest user")
can use Meltdown to attack the kernel ("guest kernel").

In other words, to protect your systems from Meltdown, you need to do
two things:
1. Move your PV Linux guests to HVM or PVH
2. Install the Linux KPTI patches / Windows Meltdown hotfixes.

 -George

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xenproject.org/mailman/listinfo/xen-users