[bitfolk] Xen Security Advisory CVE-2012-0217 - 64-bit PV guest privilege escalation vulnerability

Hi, As you may be aware from: http://seclists.org/oss-sec/2012/q2/500 there is a rather serious Intel CPU bug which can allow 64-bit paravirtualized guests to crash and/or potentially gain control of the entire node. TL;DR version: BitFolk is not affected. You don't need to do anything. Longer version: As luck would have it, BitFolk does not happen to support 64-bit guests, so the vast majority of customer systems cannot make use of this exploit. There is no technical barrier to prevent customers installing their own 64-bit OS, however, and two customers have done so. In the very short term, with the exception of the two customers who are already running 64-bit, I have prevented 64-bit guests from being booted. I shall contact the two customers individually to arrange for them to be moved to an upgraded node. The alternative would be to upgrade and reboot every node. For some nodes this would mean a full OS upgrade. This will be done eventually but over a longer time span, as it will obviously be necessary in order to support 64-bit guests. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting _______________________________________________ announce mailing list announce(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/announce