
Patch Qubes to prevent pwnage via Xen bug

Death knell sounded for paravirtualisation, here's why

By Richard Chirgwin, 5 Apr 2017

A critical bug in Xen means Qubes 3.1 and 3.2 need an immediate patch. It affects Xen packages between 4.6.4 and 4.6.26.

A recent patch introduced the bug, which according to the advisory is an insufficient check on the XENMEM_exchange input, “allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.”

As a result, a malicious 64-bit guest could see “all of system memory”, with catastrophic results: privilege escalation, host crashes, and information leaks. Other vulnerabilities (for example, in a browser, networking stack, or USB stack) would then let an attacker “compromise a whole Qubes system”.

The advisory notes that it stems from the paravirtualisation (PV) system in Qubes, which is overly complex and due to be unplugged: “the upcoming Qubes OS 4.0 will no longer use PV. Instead, we will be switching to HVM-based virtualisation”.

The bug was found by Google Project Zero's Jann Horn, and is fixed by running the qubes-dom0-update command or by updating through the Qubes VM Manager. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing