[libvirt] memory-ballooning side-channel attack

bancfc at openmailbox.org bancfc at openmailbox.org
Tue Dec 27 02:51:00 UTC 2016


Hello and Happy Holidays,

In the past few years many serious attacks against the memory 
deduplication (KSM) feature of all hypervisors have been shown. [1] Even 
allowing attackers to modify/steal APT keys and source lists on the 
host. [2] Since its not enabled by default the fall out is relatively 
low and easily mitigated.

New side-channel attacks against memory-ballon enabled VMs are beginning 
to surface. Please consider documenting this and disabling this feature 
for newly created VMs to have safe defaults.

[1] https://staff.aist.go.jp/c.artho/papers/EuroSec2011-suzaki.pdf
[2] 
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf
[3] http://ieeexplore.ieee.org/document/7562068/

*Hint: If you can't see the IEEE paper use sci-hub.




More information about the libvir-list mailing list