Chris ✅ is a user on mastodon.cloud. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Chris ✅ @diodesign

Seeing as infosec Twitter has moved to Mastodon, I'll just leave this here...

Guest-to-host Xen escape :persevere: qubes-os.org/news/2017/04/04/q

:pensive: xenbits.xen.org/xsa/advisory-2

The annoying thing is that I'm not sure a memory-safe language like Rust or Go could stop a bug like this: it's in the manipulation of page tables, which involves checking bit flags. This is a logic blunder rather than a memory corruption. Any thoughts?

@diodesign This is extremely problematic. As a Qubes user, I need to update my system immediately. Grateful to the Qubes team for their quick response.

@juviacaled Mmm-hm. The full advisory is very useful to understanding the problem, which is nice.