There was discovered a new attack vector against memory deduplication in Virtual Machine Monitors (VMM) where attackers can effectively leak randomized base addresses of libraries and executables in processes of neighboring Virtual Machines (VM).
Here is original source of information: http://www.antoniobarresi.com/files/cain_advisory.txt
A malicious attacker can reliably leak the randomized base addresses of libraries and the executable of a process within a neighboring VM thus completely bypassing ASLR.
Odin checked if issue affects our Virtualization products. As the result:
Virtuozzo 6 (formerly Parallels Cloud Server 6) Virtual Machines are not affected since Odin hypervisor does not utilize page sharing.
Virtuozzo 6 Containers are affected through "pfcache" feature (enabled by default), in the sense that from inside a Container you can find out whether any other container on the host has (or ever had) the particular application/file (of the particular version). Odin has rated this issue as having low security impact. Additionally a workaround is available by disabling "pfcache" functionality.
~# chkconfig pfcached off
Just disable pfcached service.