The Xen Project has addressed a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine.
The Xen Project released patches for its supported releases, Xen systems running x86 HVM guests without stubdomains, which have been configured with an emulated CD-ROM drive model are vulnerable.
A serious vulnerability in emulation code used by the Xen virtualization software can access by attackers to bypass the critical security barrier between virtual machines and the target operating systems they run on.
The vulnerability is situated in the CD-ROM drive emulation feature of QEMU, an open source machine emulator which is used by Xen, KVM & other virtualization platforms. In the Common Vulnerabilities & Exposures database, the flaw is tracked as CVE-2015-5154..
Successful utilization can allow a user with access to a guest OS to take over the QEMU process and execute code on the host OS. That violates one of the primary safeguards of virtual machines that is generally meant to protect the target OS from the actions of a guest.
Uncertainly, Xen-based virtualization systems that are not designed to emulate a CD-ROM drive inside the guest OS are not affected, which will probably be the case for most data centers.
It has found the vulnerability is similar to another one reported in May in QEMU’s floppy drive emulation code. However, that flaw, which was dubbed Venom, was more critical because the vulnerable code remained active even if the administrator deactivated the virtual floppy drive for a virtual machine.
Linux distributions, including Red Hat Enterprise Linux 7 and SUSE Linux Enterprise 12 received patches for QEMU, KVM or Xen.