[j15e]

Just received a message from Rackspace cloud regarding theses, it seems like they will have to reboot all instances.

See https://community.rackspace.com/general/f/53/t/4978

[plq]

Yet linode is still silent...

[KenCochrane]

I got an email from linode yesterday telling me they need to do the same. Not sure if they had any public communication yet.

[kbar13]

realize that there's Xen HVM and Xen PV. there have been significantly more security issues in HVM than there have been in PV.

[walterbell]

Do we know why HVM/hw-virt has had more security issues than PV/sw-virt?

[larsk]

Yes, because it uses QEMU. That means more code, and ultimately more bugs, which means more possible exploits.

[paulrosenzweig]

Linode rebooted my server in Tokyo ~16 hours ago.

[cvuletich]

See ya later uptime...

04:49:58 up 659 days

[rgbrenner]

See ya later uptime... 04:49:58 up 659 days

your server is vulnerable to a number of Xen security vulnerabilities: http://xenbits.xen.org/xsa/

Including this one from Oct 1, 2014 that allows guests to read up to 3KB of memory from the hypervisor or other guests:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7188

http://threatpost.com/serious-hypervisor-bug-fix-causes-unex...

[mnordhoff]

That vulnerability only applies to HVM guests. No doubt there are other reasons to have rebooted since 2013, but if one of Rackspace's servers only has paravirtualized guests (do they use HVM at all? I don't know), they can get by without patching it.

[rgbrenner]

Did you see how many vulnerabilities 659 days covers? I mean, if that one doesn't apply, just go back a bit. How about this one from June 2014:

memory pages that were in use by the hypervisor and are eligible to be allocated to guests weren't being properly cleaned. Such exposure of information would happen through memory pages freshly allocated to or by the guest. ... it is possible for an attacker to obtain modest amounts of in-flight and in-use data, which might contain passwords or cryptographic keys.

http://xenbits.xen.org/xsa/advisory-100.html

[kbar13]

rackspace most likely uses hvm guests. I think they had freebsd before there was xen pv support

[yclept]

Rackspace has both HV and PV for most default linux images

[singlow]

Yeah. I had one server with over 900 days prior to Oct. It probably should have been rebooted for other reasons but thats the one that forced it.

[e12e]

Is that a guest or a host? If it's a guest, there shouldn't be a need for reboot, only suspend/resume... (note that a reboot can be a good idea from time to time, just to make sure the current configuration (eg: post kernel upgrades, before reboot) -- actually boots).

[zatkin]

Ouch! Might I ask what datacentre you're using?

[spaam]

i had something similar at linode london.

[ryan-c]

prgmr did reboots yesterday