The Xen Project fixed several vulnerabilities in its popular virtualization software, including one that could allow potential attackers to break out of a virtual machine and gain control over the host system.
Vulnerabilities that break the isolation layer between virtual machines are the most serious type for a hypervisor like Xen, whose main goal is to allow running multiple VMs on the same hardware in a secure manner.
The Xen patches released Thursday fix a total of nine vulnerabilities, but the privilege escalation one identified as CVE-2015-7835 is the most serious one.
To read this article in full or to leave a comment, please click here