CVE-2018-8897 Opens Xen PV Systems Up To Exploit
Written by Michael Larabel in Virtualization on 9 May 2018 at 05:15 AM EDT. 1 Comment
Besides kernels being addressed for the newly-disclosed CVE-2018-8897 vulnerability, users of Xen para-virtualization should also run a patched Xen system right away.

This security vulnerability can allow a malicious Xen PV guest with unprivileged rights to escalate their privilege to that of the hypervisor. Fortunately, only Xen PV on x86 is affected and not Xen HVM or PVH guests. Additionally, only x86-based AMD/Intel systems are affected.

The privilege escalation is a bit more eventful than the vulnerable kernels being just subject to denial of service / crashing. More details on the Xen impact and the available patches via XSA-260.
Related News
About The Author
Author picture

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter or contacted via

Popular News This Week