Xen patches new virtual-machine escape vulnerability
A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.
The vulnerability is located in the CD-ROM drive emulation feature of QEMU, an open source hardware emulator that’s used by Xen, KVM and other virtualization platforms. The flaw is tracked as CVE-2015-5154 in the Common Vulnerabilities and Exposures database.
The Xen Project released patches for its supported releases Monday and noted that all Xen systems running x86 HVM guests without stubdomains and which have been configured with an emulated CD-ROM drive model are vulnerable.