XEN Security Update XSA-114
CentOS 6.x with Xen 4.x Static (and CloudBoot if experimental mode is used) Hypervisors are vulnerable.
| XSA-114 | A malicious guest administrator can deny service to other tasks. If the NMI watchdog is active, a timeout might be triggered, resulting in a host crash. |
To eliminate the security issue for Static Hypervisors on CentOS 6.x:
For customers willing to upgrade to the latest hypervisor tools (corresponded to used Virtuozzo OnApp version)
Run the Virtuozzo OnApp Xen Hypervisor installer
1/onapp/onapp-hv-install/onapp-hv-xen-install.shReboot the hypervisor.
Consider migrating (if required) of running guests into any other host before the reboot.
For customers which are using latest hypervisor tools or do not want to upgrade them:
Run
1# yum update centos-xen-repo xen xen-hypervisorThis should update to the 4.2.5-37.onapp.3.el6 version.
Reboot the hypervisor.
Consider migrating (if required) of running guests into any other host before the reboot.
