back to article Qubes kicks Xen while it's down after finding 'fatal, reliably exploitable' bug

Qubes is once again regretting how long it's taken to abandon Xen's PV hypervisor, disclosing another three bugs including host escape vulnerabilities. The most serious bugs are in PV (paravirtualization) memory handling, XSA-213 and XSA-214. “An attacker who exploits either of these bugs can break Qubes-provided isolation. …

  1. phuzz Silver badge

    "only affects 64 bit x86 systems"

    Can you even buy a 32bit system any more? Even if you could, what use would a VM host be if you couldn't address more than 4GB of memory (without workarounds)?

    1. Justin Pasher

      Re: 64-bit

      I think it's just more of a terminology semantics issue. I'm sure he just means 64-bit systems running on hardware utilizing the x86-based instruction set (versus ARM, MIPS, etc). Sure "amd64" or "x86_64" would be more correct, but I think most would understand what he means.

    2. TheJH

      As the advisory (https://xenbits.xen.org/xsa/advisory-213.html) says:

      > The vulnerability is only exposed to 64-bit PV guests.

      On 64-bit X86 systems, with a 64-bit hypervisor, you can still run 32-bit PV guests, which can't hit the bug.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020