Parallels Holdings Ltd Information for VU#935424
Virtual Machine Monitors (VMM) contain a memory deduplication vulnerability
- Virtuozzo 6 (formerly Parallels Cloud Server 6) Virtual Machines are
not affected since our hypervisor does not utilize page sharing.
- Virtuozzo 6 Containers are affected through "pfcache" feature (enabled
by default), in the sense that from inside a Container you can find out
whether any other container on the host has (or ever had) the particular
application/file (of the particular version). We are considering this
information leak a minor issue, which comes as a price for memory
deduplication. We have no plans for fixing it. If this is considered a
major threat by user, then it could be mitigated by disabling the
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.