Sign in / up

back to article Qubes kicks Xen while it's down after finding 'fatal, reliably exploitable' bug

Qubes is once again regretting how long it's taken to abandon Xen's PV hypervisor, disclosing another three bugs including host escape vulnerabilities. The most serious bugs are in PV (paravirtualization) memory handling, XSA-213 and XSA-214. “An attacker who exploits either of these bugs can break Qubes-provided isolation. …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. phuzz Silver badge

    "only affects 64 bit x86 systems"

    Can you even buy a 32bit system any more? Even if you could, what use would a VM host be if you couldn't address more than 4GB of memory (without workarounds)?

    1 0 Reply
    1. Justin Pasher
      Reply Icon

      Re: 64-bit

      I think it's just more of a terminology semantics issue. I'm sure he just means 64-bit systems running on hardware utilizing the x86-based instruction set (versus ARM, MIPS, etc). Sure "amd64" or "x86_64" would be more correct, but I think most would understand what he means.

      0 0 Reply
    2. TheJH
      Reply Icon

      As the advisory (https://xenbits.xen.org/xsa/advisory-213.html) says:

      > The vulnerability is only exposed to 64-bit PV guests.

      On 64-bit X86 systems, with a 64-bit hypervisor, you can still run 32-bit PV guests, which can't hit the bug.

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like