Xen embargo


I didn’t intend for this to become a security blog. Well okay, I didn’t mean for this to become an exclusively security blog.

In the midst of Shellshock, Amazon announced they’d be rebooting a series of their EC2 instances. The company didn’t comment on why. Over the weekend, Rackspace followed suit. Infrastructure providers around the world proceeded to raise their collective eyebrows. One company doing this is unusual. Two without detail may be cause for concern.

The consensus seems to be (citation needed?) its in response to a Xen hypervisor update. From the XSA-108 advisory:

(Prereleased, but embargoed).

According to the Xen Project security policy page, Amazon and Rackspace are among the companies with pre-release access to this information.

Those are the facts. With some lovely conjecture, we can assume these teams have access to a patch which required a reboot. Both Amazon and Rackspace are known to run very old versions of Xen too, so perhaps this only affects such versions.

We’ll all know more later this week.

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.