7.0
7.0
Docs menu
MENU

XEN Security Update XSA-111, XSA-112

Both CentOS 5.x with Xen 3.4.4 (both Static and CloudBoot HVs) and CentOS 6.x ( Static and CloudBoot HVs on experimental mode) with Xen 4.2.x, running Windows and FreeBSD guests are affected.

XSA-111A buggy or malicious HVM guest can crash the host.
XSA-112A buggy or malicious HVM guest can crash the host.

To eliminate the security issues for CloudBoot Hypervisors, you need to upgrade to OnApp 3.3.2-6 Storage Update.

To eliminate the security issue for Static Hypervisors:

For customers willing to upgrade to the latest hypervisor tools (corresponded to used OnApp version)

  • Run the OnApp Xen Hypervisor installer

    1

    /onapp/onapp-hv-install/onapp-hv-xen-install.sh

  • Reboot the hypervisor.

    Consider migrating (if required) of running guests into any other host before the reboot.

For customers which are using latest hypervisor tools or do not want to upgrade them:

  • CentOS 5.x

    1

    # yum update xen xen-libs

    This should update to the the 3.4.4-4.el5.onapp.1 version.

  • CentOS 6.x

    1

    # yum update centos-xen-repo xen xen-hypervisor

    This should update to the 4.2.5-37.onapp.2.el6 version.

  • Reboot the hypervisor.

    Consider migrating (if required) of running guests into any other host before the reboot.