Article ID: 126594, created on Aug 18, 2015, last review on Aug 18, 2015

  • Applies to:
  • Virtuozzo 6.0


There was discovered a new attack vector against memory deduplication in Virtual Machine Monitors (VMM) where attackers can effectively leak randomized base addresses of libraries and executables in processes of neighboring Virtual Machines (VM).

Here is original source of information:


A malicious attacker can reliably leak the randomized base addresses of libraries and the executable of a process within a neighboring VM thus completely bypassing ASLR.


Odin checked if issue affects our Virtualization products. As the result:

Virtuozzo 6 (formerly Parallels Cloud Server 6) Virtual Machines are not affected since Odin hypervisor does not utilize page sharing.

Virtuozzo 6 Containers are affected through "pfcache" feature (enabled by default), in the sense that from inside a Container you can find out whether any other container on the host has (or ever had) the particular application/file (of the particular version). Odin has rated this issue as having low security impact. Additionally a workaround is available by disabling "pfcache" functionality.

    ~# chkconfig pfcached off

Just disable pfcached service.

Search Words

Virtual Machine Monitors vulnerability


c62e8726973f80975db0531f1ed5c6a2 2897d76d56d2010f4e3a28f864d69223 0dd5b9380c7d4884d77587f3eb0fa8ef

Email subscription for changes to this article
Save as PDF