back to article Xen reports new guest-host escape, this time through CD-ROMs

The Xen Project has reported another guest/host escape bug, its third for the year including the VENOM vuln and the XSA-135 SNAFU. The new vuln glories in the name XSA-138, aka CVE-2015-5154 and means “An HVM guest which has access to an emulated IDE CDROM device (e.g. with a device with "devtype=cdrom", or the "cdrom" …

  1. Charles 9

    ANOTHER Redpill? And there are those who said a Redpill was trickier to accomplish...

  2. Anonymous Coward
    Anonymous Coward

    I do find it interesting that this (as well as other recent articles about QEMU vulnerabilities) always highlight that Xen is affected and that the articles fail to mention that KVM is also impacted.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like