Virtualization

While you pretended to work, Cloud operators fixed two Xen bugs

Missing sanity checks and host-killer bug hit open-source hypervisor

Simon Sharwood Thu 21 Jan 2016 // 04:27 UTC

While lots of the world was easing in to a new year of work in the week of January 4th, big cloud concerns running customer-facing Xen rigs were probably patching two new bugs in the hypervisor.

The Xen Project's policy is to let big cloud operators and others on a pre-disclosure list know about bugs two weeks before the rest of us, so that the bug can be quashed before bad guys try to exploit it. January 20th, US time, saw the release of the bugs to those of us with less-sensitive Xen rigs. Which means cloud operators got wind of them on the 6th, which may have been rather a stern post-holidays jump-starter.

There's two bugs this time around. XSA-167 comes about because “The PV superpage functionality lacks certain validity checks on data being passed to the hypervisor by guests.”

Xen folks say “unknown effects” are the result, “ranging from information leaks through Denial of Service to privilege escalation.”

None of which are pleasant or desirable. So grab this patch if you're running Xen 4.3 through Xen-unstable.

XSA-168 is also nasty, as the priveliged INVLPG instruction can fail under some circumstances, creating a hypervisor bug check that in turn means “A malicious guest can crash the host, leading to a Denial of Service.”

This one's an oldie, but a baddie: Xen versions from 3.3 up need patching. ®

Similar topics

Broader topics

Narrower topics

Corrections Send us news

Other stories you might like

Patch now: Zoom chat messages can infect PCs, Macs, phones with malware

Google Project Zero blows lid off bug involving that old chestnut: XML parsing

Jessica Lyons Hardcastle Tue 24 May 2022 // 21:33 UTC

Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.
The bug, tracked as CVE-2022-22787, received a CVSS severity score of 5.9 out of 10, making it a medium-severity vulnerability. It affects Zoom Client for Meetings running on Android, iOS, Linux, macOS and Windows systems before version 5.10.0, and users should download the latest version of the software to protect against this arbitrary remote-code-execution vulnerability.
The upshot is that someone who can send you chat messages could cause your vulnerable Zoom client app to install malicious code, such as malware and spyware, from an arbitrary server. Exploiting this is a bit involved, so crooks may not jump on it, but you should still update your app.

Continue reading
Google says it would release its photorealistic DALL-E 2 rival – but this AI is too prejudiced for you to use

It has this weird habit of drawing stereotyped White people, team admit

Brandon Vigliarolo Tue 24 May 2022 // 19:05 UTC

DALL·E 2 may have to cede its throne as the most impressive image-generating AI to Google, which has revealed its own text-to-image model called Imagen.
Like OpenAI's DALL·E 2, Google's system outputs images of stuff based on written prompts from users. Ask it for a vulture flying off with a laptop in its claws and you'll perhaps get just that, all generated on the fly.
A quick glance at Imagen's website shows off some of the pictures it's created (and Google has carefully curated), such as a blue jay perched on a pile of macarons, a robot couple enjoying wine in front of the Eiffel Tower, or Imagen's own name sprouting from a book. According to the team, "human raters exceedingly prefer Imagen over all other models in both image-text alignment and image fidelity," but they would say that, wouldn't they.

Continue reading
Facebook opens political ad data vaults to researchers

Facebook builds FORT to protect against onslaught of regulation, investigation

Brandon Vigliarolo Tue 24 May 2022 // 16:30 UTC

Meta's ad transparency tools will soon reveal another treasure trove of data: advertiser targeting choices for political, election-related, and social issue spots.
Meta said it plans to add the targeting data into its Facebook Open Research and Transparency (FORT) environment for academic researchers at the end of May.
The move comes a day after Meta's reputation as a bad data custodian resurfaced with news of a lawsuit filed in Washington DC against CEO Mark Zuckerberg. Yesterday's filing alleges Zuckerberg built a company culture of mishandling data, leading directly to the Cambridge Analytica scandal. The suit seeks to hold Zuckerberg responsible for the incident, which saw millions of users' data harvested and used to influence the 2020 US presidential election.

Continue reading

Toyota cuts vehicle production over global chip shortage

Just as Samsung pledges to invest $360b to shore up next-gen industries

Dan Robinson Tue 24 May 2022 // 16:00 UTC

Toyota is to slash global production of motor vehicles due to the semiconductor shortage. The news comes as Samsung pledges to invest about $360 billion over the next five years to bolster chip production, along with other strategic sectors.
In a statement, Toyota said it has had to lower the production schedule by tens of thousands of units globally from the numbers it provided to suppliers at the beginning of the year.
"The shortage of semiconductors, spread of COVID-19 and other factors are making it difficult to look ahead, but we will continue to make every effort possible to deliver as many vehicles to our customers at the earliest date," the company said.

Continue reading
Microsoft shows off Windows updates at Build dev event

Amazon Appstore preview goes wider, plus Windows on Arm platform with Neural Processing Units – Project Volterra

Richard Speed Tue 24 May 2022 // 15:30 UTC

Microsoft Build Windows still rules the enterprise, and among all the Azure and Power Platform action during Microsoft's annual Build event for developers, the company had news for users of its flagship operating system.
The first followed this week's revelation that Windows Subsystem for Android is now running on Android Open Source Project (AOSP) 12.1, and concerns the Amazon Appstore preview.
After an inexplicable delay, Microsoft is finally adding countries on top of the US. Users in France, Germany, Italy, Japan and the UK will by the end of the year be able to join in previewing the Amazon Appstore, although there appears to still be no official way to get access to apps outside of those brought to Windows 11 via Amazon.

Continue reading
CockroachDB adds command line tool as database hits version 22.1

The Register speaks to Jim Walker about maturity and super regions

Richard Speed Tue 24 May 2022 // 15:04 UTC

Cockroach Labs has finally added a new command line tool with the release of version 22.1 of its eponymous database, out today.
Although it was possible to deploy CockroachDB using something like Terraform (for example, deployment on Oracle Cloud Infrastructure) the process is often not particularly elegant.
"Until this release we didn't have an API to control the database," Jim Walker, recovering developer and product evangelist at Cockroach Labs told The Register during 2022's EU Kubecon in Valencia, Spain.

Continue reading

Version 251 of systemd coming soon to a Linux distro near you

'Experimental' systemd-sysupdate feature likely to get the most attention

Liam Proven in Prague Tue 24 May 2022 // 14:31 UTC

Version 251 of the controversial systemd Linux init system is here, and you can expect it to feature in the next version of your preferred distro.
The unified system and service manager for Linux continues to grow and develop, as does Linux itself. There is a comprehensive changelog on Github, so we will just try to pick out a few of the highlights.
New releases of systemd appear roughly twice a year, so the chances are that this will appear in the fall releases of Ubuntu and Fedora.

Continue reading
SAP attracts further criticism for Russia presence, despite promise to leave

The software giant's 'orderly exit' appears to be ongoing

Lindsay Clark Tue 24 May 2022 // 13:01 UTC

A Ukrainian minister has accused software giant SAP of continuing to operate in Russia despite the German vendor previously vowing to withdraw from the aggressor nation.
In the months following Russia's invasion of Ukraine, SAP attracted criticism as it continued to support installations of its software in Russia and cloud services used by Russian businesses, including state-owned bank Sberbank.
Pressure from Ukrainian president Volodymyr Zelenskyy contributed to the enterprise application provider promising, in late April, to conduct an "orderly exit from… operations in Russia" following a 30-year presence there.

Continue reading
Neuromorphic chips 'up to 16 times more energy efficient' for deep learning

Graz University findings will become more significant as more AI work is done

Dan Robinson Tue 24 May 2022 // 12:31 UTC

Neuromorphic chips have been endorsed in research showing that they are much more energy efficient at operating large deep learning networks than non-neuromorphic hardware.
This may become important as AI adoption increases.
The study was carried out by the Institute of Theoretical Computer Science at the Graz University of Technology (TU Graz) in Austria using Intel's Loihi 2 silicon, a second-generation experimental neuromorphic chip announced by Intel Labs last year that has about a million artificial neurons.

Continue reading
Leica and Huawei terminate trading agreement amid US sanctions

German optics giant jumps ship to make smartphone cameras for Xiaomi instead

Laura Dobberstein Tue 24 May 2022 // 11:06 UTC

Huawei's long established trading relationship with Leica to integrate the German camera maker's technology into its phones is over, the companies have confirmed.
From February 2016, all Huawei flagships were slated [PDF] to have Leica-developed lenses and branding.
The Reg was generally quite impressed by the combined products over the years.

Continue reading
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017

Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times

Jeff Burt Tue 24 May 2022 // 10:04 UTC

HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.
Booby-trapping a PDF with a malicious Word document goes against the norm of the past 10 years, according to the HP Wolf Security researchers. For a decade, miscreants have preferred Office file formats, such as Word and Excel, to deliver malicious code rather than PDFs, as users are more used to getting and opening .docx and .xlsx files. About 45 percent of malware stopped by HP's threat intelligence team in the first quarter of the year leveraged Office formats.
"The reasons are clear: users are familiar with these file types, the applications used to open them are ubiquitous, and they are suited to social engineering lures," Patrick Schläpfer, malware analyst at HP, explained in a write-up, adding that in this latest campaign, "the malware arrived in a PDF document – a format attackers less commonly use to infect PCs."

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs