Xen Security Vulnerability XSA-108

Recently we were informed by our data center about the Xen security vulnerability XSA-108. According to Xen, this vulnerability has a major impact on Xen hypervisors. The following is more detailed information:

Technical Description of the Vulnerability

The MSR range specified for APIC use in the x2APIC access model spans 256 MSRs. Hypervisor code emulating read and write accesses to these
MSRs erroneously covered 1024 MSRs. While the write emulation path is written that accesses to the extra MSRs would not have any bad
effect (they end up being no-ops), the read path would (attempt to) access memory beyond the single page set up for APIC emulation.


A buggy or malicious HVM guest machine can crash the entire Xen Hypervisor/host or it can read data relating to other guests or the hypervisor itself.

Vulnerable systems

Xen Hypervisor running Xen 4.1 and onwards are vulnerable and must be patched.

Only x86 systems are vulnerable. ARM systems are not vulnerable.


Only HVM guest machines are vulnerable. Hence, Xen Hypervisors running only PV guests are safe and they can ignore this vulnerability.


Applying the patch attached in following URL will resolve this issue:


Impact on AccuWebHosting servers

To mitigate this vulnerability, we have already applied the security patch in all our XEN Hypervisors. All AccuWebHosting Hypervisors are safe.

Please refer to the following URLs for more information:



(Visited 205 times, 1 visits today)

Leave a Reply

AlphaOmega Captcha Classica  –  Enter Security Code

This site uses Akismet to reduce spam. Learn how your comment data is processed.