Both RHEL/CentOS 5.x with Xen 3.4.4 (both Static and CloudBoot HVs) and RHEL/CentOS 6.x (Static and CloudBoot HVs in experimental mode) with Xen 4.2.x are affected.
A malicious guest might be able to read sensitive data relating to other guests. A malicious guest administrator might be able to cause denial of service. Arbitrary code execution, and therefore privilege escalation, cannot be excluded.
To eliminate the security issues for CloudBoot Hypervisors, you need to upgrade to the OnApp 3.3.2-19 Storage Update.
To eliminate the security issue for Static Hypervisors:
For customers who are using the latest hypervisor tools or do not want to upgrade them:
# yum update xen xen-libs
This should update to the xen-3.4.4-6.el5.onapp.x86_64 version.
- RHEL/CentOS 6.x
# yum update centos-xen-repo xen xen-hypervisor
This should update to the xen-4.2.5-38.2.onapp.el6.x86_64 version.
- Reboot the hypervisor.
! Consider migrating running guests (if required) to another host before the reboot.
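
A post-update check for the steps above, as an added example that is not part of the original advisory or of OnApp's tooling: it compares the installed xen package against the two fixed builds the advisory names. The function names and the `--host` switch are assumptions made for this example.

```shell
#!/bin/sh
# Fixed builds named in the advisory, as "VERSION RELEASE-number".
FIXED_EL5="3.4.4 6"      # xen-3.4.4-6.el5.onapp
FIXED_EL6="4.2.5 38.2"   # xen-4.2.5-38.2.onapp.el6

# ver_ge A B: succeed when dotted-numeric A >= B (missing fields count as 0).
ver_ge() {
    local a="$1" b="$2" x y
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# xen_is_fixed "VERSION RELEASE": 0 = fixed build or newer, 1 = older,
# 2 = not an el5/el6 build or not parseable.
xen_is_fixed() {
    local ver="${1%% *}" rel="${1#* }" want wv wr relnum
    case $rel in
        *el5*) want=$FIXED_EL5 ;;
        *el6*) want=$FIXED_EL6 ;;
        *) return 2 ;;
    esac
    wv=${want% *}; wr=${want#* }
    relnum=${rel%%[!0-9.]*}; relnum=${relnum%.}   # "38.2.onapp.el6" -> "38.2"
    case "$ver.$relnum" in *[!0-9.]*|*..*|.*|*.) return 2 ;; esac
    if ver_ge "$ver" "$wv" && ver_ge "$wv" "$ver"; then
        ver_ge "$relnum" "$wr"      # same Xen version: the release decides
    else
        ver_ge "$ver" "$wv"
    fi
}

# check_host: run on the hypervisor; queries the installed xen package.
check_host() {
    local nvr
    nvr=$(rpm -q --qf '%{VERSION} %{RELEASE}\n' xen) || { echo "xen not installed"; return 2; }
    if xen_is_fixed "$nvr"; then
        echo "OK: $nvr"
    else
        echo "UPDATE NEEDED (or unrecognised build): $nvr"; return 1
    fi
}

if [ "${1:-}" = "--host" ]; then check_host; fi
```

The package query reflects what is installed on disk; the running hypervisor changes only after the reboot step.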