XEN Security Update XSA-139/140, CVE-2015-5165/5166
| Issue | Summary | Affected versions |
|---|---|---|
| XSA-139/CVE-2015-5165 | An HVM guest which has access to an emulated IDE disk device may be able to exploit this vulnerability in order to take over the qemu process elevating its privilege to that of the qemu process. | Both Static and CloudBoot hypervisors under CentOS 6.x with Xen 4.x running FreeBSD or Windows guests are vulnerable. |
| XSA-140/CVE-2015-5166 | A guest may be able to read sensitive host-level data relating to itself which resides in the QEMU process. Such information may include things such as information relating to real devices backing emulated devices or passwords which the host administrator does not intend to share with the guest admin. | Both Static and CloudBoot hypervisors under CentOS 5.x and 6.x with X en 3.4.4 and 4.x might be affected when running Windows guests with uninstalled (manually) PV drivers. |
To eliminate the security issue for Static Hypervisors:
For customers willing to upgrade to the latest hypervisor tools (corresponding to OnApp version installed)
Run the OnApp Xen Hypervisor installer
1/onapp/onapp-hv-install/onapp-hv-xen-install.shReboot the hypervisor.
Consider migrating (if required) of running guests into any other host before the reboot.
For customers which are using latest hypervisor tools or do not want to upgrade them:
CentOS 5.x
1# yum update xen xen-libsThis should update to the xen-3.4.4-15.el5.onapp.x86_64 version.
CentOS 6.x
1# yum update xen xen-hypervisorThis should update to the xen-4.2.5-38.12.onapp.el6.x86_64 version.
Reboot the hypervisor.
Consider migrating (if required) of running guests into any other host before the reboot.
