On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote: > Thanks for the reply. > Sorry for the typo in the earlier mail. > I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. > > Basically here I am trying to see whether my PV_HVM kernel is vulenrable to > this issue given in the following link > http://seclists.org/oss-sec/2015/q3/212 that is talking about a problem with QEMU and emulated cdroms, and as far as I can tell, the bug is in the qemu emulator, not in the VM's. it merely states that if you only use PV VM's you won't trigger the bug, but the correct fix is to update your QEMU so there is no bug. > In the above link, it was mentioned that the PV kernel is not vulnerable to > this bug, but HVM is. It didnt say anything about PV-HVM. > > Can you please help me in this regard? https://access.redhat.com/security/cve/CVE-2015-5154 suggests QEMU has been fixed as of July 27/28, at least for KVM servers, see the 4 RHSA Errata linked there. again, RHEL7 and therefore CentOS 7 is all about KVM not Xen. If you're running someone's xen server, you need to ensure its patched against this bug. -- john r pierce, recycling bits in santa cruz