Snowflake CISO on the power of 'shared destiny' and 'yes and'
interview Lessons learned from last year's security snafu
CSO
15 May 2025 | 3
The Xen Project has reported another guest/host escape bug, its third for the year including the VENOM vuln and the XSA-135 SNAFU. The new vuln glories in the name XSA-138, aka CVE-2015-5154 and means “An HVM guest which has access to an emulated IDE CDROM device (e.g. with a device with "devtype=cdrom", or the "cdrom" …