Xen has acknowledged an oversight where it failed to provide a pair of crucial security patches in its most recent update.
Tag Archives: XEN
Threatpost News Wrap, October 30, 2015
Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
Xen Patches VM Escape Flaw
The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the […]
Several Factors Mitigate VENOM’s Utility for Attackers
Proof of concept code exploiting the VENOM vulnerability has surfaced. Its author says mitigating factors make VENOM difficult to exploit at scale.