A vulnerability in Xen hypervisor has broken the security around multi-tenant environments. It allows Xen hardware virtual machines (HVM) to access data storaged in other HVM-based machines that are located in the same hardware. This bug, which has been registered as CVE-2014-7188, also allows to crash the host.
ARM systems and paravirtualization servers (PV) of the Open Source hypervisor haven't been affected. The only vulnerable systems are x86.
Xen Project has published a patch to solve this problem, which affected big companies, such as Amazon or Rackspace, that had to reboot their virtualized servers.
Source: www.eweek.com
You must authenticate to review this post