iTnews
  • Home
  • News
  • Technology
  • Storage

Amazon forced to reboot EC2 to patch Xen bug

By Juha Saarinen on Sep 25, 2014 2:49PM
Amazon forced to reboot EC2 to patch Xen bug

Rolling restarts over next week.

Amazon Web Services has started urgently rebooting Elastic Compute Cloud (EC2) instances in all its regions, after an unknown bug was discovered in the open-source Xen virtualisation platform used by the company.

The cloud giant emailed EC2 customers today to warn about the reboot, which it called "required host maintenance".

"One or more of your Amazon EC2 instances are scheduled to be rebooted for required host maintenance," AWS advised in the email.

"The maintenance will occur sometime during the window provided for each instance. Each instance will experience a clean reboot and will be unavailable while the updates are applied to the underlying host."

It said each reboot should take only a few minutes and instances would then return to normal operation, with all configuration and data retained.

"We will need to do this maintenance update in the window provided. You will not be able to stop/start or re-launch instances in order to avoid this maintenance update."

However, an AWS customer who declined to be named said the reboot was not simply maintenance and was instead due to an unspecified bug in the Xen platform, XSA-108, which will not be revealed until October 1 United States time.

Update 29/6:  AWS evangelist Jeff Barr confirmed on the company’s blog that the reboots are due to unspecified problems with Xen.

Barr said "these updates must be completed by Oct. 1, before the industry notice comes out on Xen update XSA-108. The issue in that notice affects many Xen environments, and is not an AWS-specific issue. Following security best practices, the details of this update are embargoed until then."

The blog post was taken down shortly after publication.

In a separate security bulletin, AWS advised that it has patched the Bash command shell in its AMI Linux distribution against the Shellshock vulnerability.

Cloud management company Rightscale confirmed AWS was rebooting a substantial number of EC2 instances on its blog.

Rightscale engineer Thorsten von Eicken said the reboots would take place over the next few days, starting September 27 Australian time and ending on October 1.

"As usual, AWS is totally tight-lipped about the underlying cause. It seems obvious that the company is patching a security vulnerability, but it will not disclose which one until October 1 — that is, after they have patched all hosts," von Eicken said.

Von Eicken noted that not all AWS instance types  - such as T1, T2, M2, R3 and HS1 - would need to be rebooted.

However, all AWS regions and availability zones are affected, von Eicken said.

iTnews has contacted AWS for comment.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
amazonawscloudec2storagevirtualisationxen

Partner Content

Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Why rethinking your CMS is crucial for customer retention
Promoted Content Why rethinking your CMS is crucial for customer retention

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

  • Forrester Technology & Innovation Asia Pacific 2022
By Juha Saarinen
Sep 25 2014
2:49PM
0 Comments

Related Articles

  • UK financial regulators to directly oversee cloud services
  • Amazon results and outlook fall short as costs soar
  • Amazon racks up sales despite client shift to multicloud
  • Amazon cloud outage hits major websites, streaming apps
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia sets changeover date for myGov

Services Australia sets changeover date for myGov
Google Cloud IoT Core goes on the end-of-life list

Google Cloud IoT Core goes on the end-of-life list
NBN Co proposes to axe CVC across all plans by mid-2026

NBN Co proposes to axe CVC across all plans by mid-2026
NSW Police dumps Bezos-backed Mark43 from core systems overhaul

NSW Police dumps Bezos-backed Mark43 from core systems overhaul

Digital Nation

Save the Date — Digital Nation Live launches on October 25
Save the Date — Digital Nation Live launches on October 25
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
CommBank’s mobile banking app beats ANZ, NAB, Suncorp and Westpac: Forrester
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Stakes are higher for cybersecurity in Web3: Gal Tal-Hochberg, CTO at Team8
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Crypto losses to crime surge to $1.9 B in first half of 2022: Chainalysis
Edge and IoT critical to Web3 infrastructure
Edge and IoT critical to Web3 infrastructure
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.