A new variant of the Spectre vulnerability, Speculative Store Bypass, was announced today. The associated Xen Security Advisory (XSA) is XSA-263.
To summarize: only information leaks within the same virtual machine are feasible. There is no viable method for attacking the hypervisor, or for one virtual machine to extract information from another virtual machine that is not already cooperating with the attacker.
Fixing the in-guest leaks will require both software and microcode updates. The software updates are generally available now, but the microcode updates will not be available for at least several weeks.
I’ll quote from the XSA:
Contemporary high-performance processors may use a technique commonly known as Memory Disambiguation, whereby speculative execution may proceed past unresolved stores. This opens a speculative side channel in which loads from an address which has had a recent store can observe and operate on the older, stale, value.
An attacker who can locate or create a suitable code gadget in a different privilege context may be able to infer the content of arbitrary memory accessible to that other privilege context.
At this time, there are no known gadgets in the compiled Xen hypervisor code. The Xen security team believes that the hypervisor is not vulnerable to this new attack, and does not believe there is a viable information leak from one guest to another, non-cooperating guest. Information leaks within a guest, however, are possible. In other words, according to that analysis, code running within a guest G cannot infer the contents of the hypervisor's memory or of memory belonging to other guests, but it can infer the contents of memory belonging to G itself across a privilege boundary inside the guest (for example, code running in a sandbox such as a JIT engine inferring memory belonging to the process that hosts it).
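As an added illustration (not code from the XSA, the Xen project, or any guest OS), the following C fragment shows the store-then-load shape the advisory describes beside a barrier-hardened version of the same code, which is the kind of change a JIT has to make to the code it emits. The struct, data, function names and the choice of LFENCE as the barrier are assumptions for illustration. Both functions return the same byte architecturally; that is exactly why the stale value is only observable through a side channel such as cache timing, and why a plain functional test cannot detect the difference.

```c
/* Added illustration of the Speculative Store Bypass load/store pattern and
 * its barrier hardening.  Not code from the Xen project or the XSA; the
 * struct, data and function names are assumptions for illustration only. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
/* LFENCE waits for all prior instructions, including the store, to complete
 * before later instructions may begin, so the load below cannot be issued
 * while the store's address is still unresolved. */
#  define SPECULATION_BARRIER() __asm__ __volatile__("lfence" ::: "memory")
#else
/* Other architectures have their own barrier; this fallback only stops the
 * compiler from reordering and is a placeholder, not a mitigation. */
#  define SPECULATION_BARRIER() __asm__ __volatile__("" ::: "memory")
#endif

/* A pointer slot shared between two privilege contexts, e.g. a slot that a
 * sandbox re-points from privileged data to a harmless buffer before use. */
struct slot { const uint8_t *p; };

static const uint8_t secret_data[32] = "SECRET: must not leave this ctx";
static const uint8_t public_data[32] = "public and harmless to expose";

/* Vulnerable shape: the store to s->p and the load through s->p are back to
 * back.  If the store's address is still being computed when the load is
 * ready, memory disambiguation lets the load run ahead and read the OLDER
 * value in the slot (secret_data), so transient execution dereferences the
 * secret pointer even though the committed result is public_data[idx]. */
uint8_t load_vulnerable(volatile struct slot *s, size_t idx)
{
    s->p = public_data;                    /* younger store; address may resolve late */
    return s->p[idx % sizeof public_data]; /* load that may transiently see the stale pointer */
}

/* Hardened shape: a barrier between the store and the dependent load forces
 * the load to wait until the store has resolved, so the stale value can
 * never be forwarded to it. */
uint8_t load_hardened(volatile struct slot *s, size_t idx)
{
    s->p = public_data;
    SPECULATION_BARRIER();
    return s->p[idx % sizeof public_data];
}

/* Both functions agree architecturally; only the transient behaviour differs. */
int shapes_agree(size_t idx)
{
    struct slot a = { secret_data }, b = { secret_data };
    return load_vulnerable(&a, idx) == load_hardened(&b, idx);
}

int main(void)
{
    struct slot s = { secret_data };   /* stale value: the slot still points at the secret */
    printf("vulnerable: %c  hardened: %c  agree: %d\n",
           load_vulnerable(&s, 0), load_hardened(&s, 0), shapes_agree(0));
    return 0;
}
```

The `volatile` qualifier only stops the compiler from folding the store and load together at compile time, which would hide the pattern; real JIT output has the same shape because the store address is typically produced by a long dependency chain that the hardware has not finished evaluating when the load is ready to issue.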
Mitigating this Spectre variant generally requires changes inside the guest. In particular, JIT (just-in-time) compilers running in guests need to be modified so that they do not emit vulnerable code sequences. Consult your operating system distributor for updates. As we learn the details of updates for our supported distributions, we will announce them in subsequent blog posts.
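To see whether a given Linux guest has the operating-system side of the mitigation in place, the following added C example (not from this post, Xen, or any distribution) reads the kernel's Speculative Store Bypass status from sysfs and queries the per-task speculation control that a process hosting a JIT can use to opt in to Speculative Store Bypass Disable (SSBD). It assumes a Linux guest whose kernel exposes these interfaces (introduced in Linux 4.17); on an older kernel both probes report that the interface is missing rather than failing. The sysfs path, the prctl constants and the kernel's status strings are as documented for Linux; the enum and function names are this example's own.

```c
/* Added example: checking Speculative Store Bypass mitigation status from
 * inside a Linux guest.  Not code from the post or the Xen project; assumes
 * a Linux kernel with the 4.17+ speculation-control interfaces. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallback definitions for build hosts whose headers predate the interface;
 * the values are the kernel's (include/uapi/linux/prctl.h). */
#ifndef PR_GET_SPECULATION_CTRL
#  define PR_GET_SPECULATION_CTRL 52
#  define PR_SET_SPECULATION_CTRL 53
#  define PR_SPEC_STORE_BYPASS    0
#  define PR_SPEC_NOT_AFFECTED    0
#  define PR_SPEC_PRCTL           (1UL << 0)
#  define PR_SPEC_ENABLE          (1UL << 1)
#  define PR_SPEC_DISABLE         (1UL << 2)
#  define PR_SPEC_FORCE_DISABLE   (1UL << 3)
#endif

#define SSB_SYSFS "/sys/devices/system/cpu/vulnerabilities/spec_store_bypass"

enum ssb_status { SSB_UNKNOWN, SSB_NOT_AFFECTED, SSB_VULNERABLE, SSB_MITIGATED };

/* Classify the single status line the kernel writes to SSB_SYSFS.  On Intel
 * parts "Vulnerable" typically means the SSBD microcode has not arrived yet,
 * which is the situation the post says to expect for several weeks. */
enum ssb_status classify_sysfs(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return SSB_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return SSB_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return SSB_VULNERABLE;
    return SSB_UNKNOWN;
}

/* Read and classify the live sysfs entry; copies the raw line into buf. */
enum ssb_status read_sysfs_status(char *buf, size_t len)
{
    FILE *f = fopen(SSB_SYSFS, "r");
    if (!f) {
        snprintf(buf, len, "(no %s: kernel too old or not Linux)", SSB_SYSFS);
        return SSB_UNKNOWN;
    }
    if (!fgets(buf, (int)len, f)) buf[0] = '\0';
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return classify_sysfs(buf);
}

/* Decode the bitmask returned by PR_GET_SPECULATION_CTRL for this task. */
const char *describe_prctl(long v)
{
    if (v < 0)                     return "per-task control unsupported by this kernel";
    if (v == PR_SPEC_NOT_AFFECTED) return "CPU not affected";
    if (!(v & PR_SPEC_PRCTL)) {
        if (v & PR_SPEC_DISABLE)   return "SSB disabled system-wide";
        return "SSB enabled, no per-task control (mitigation off or unavailable)";
    }
    if (v & PR_SPEC_FORCE_DISABLE) return "SSB disabled for this task (permanent)";
    if (v & PR_SPEC_DISABLE)       return "SSB disabled for this task";
    if (v & PR_SPEC_ENABLE)        return "SSB enabled for this task (opt in with PR_SET_SPECULATION_CTRL)";
    return "unrecognised state";
}

long query_ssbd(void)
{
    return prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
}

/* What a JIT-hosting process does at startup: irrevocably disable SSB for
 * itself.  Returns 0 or -errno (EINVAL on kernels without the interface,
 * ENXIO when the mode is fixed system-wide and cannot be changed per task). */
int request_ssbd(void)
{
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_FORCE_DISABLE, 0, 0) == 0)
        return 0;
    return -errno;
}

int main(void)
{
    char line[256];
    enum ssb_status st = read_sysfs_status(line, sizeof line);
    printf("sysfs : %s (class %d)\n", line, (int)st);
    printf("prctl : %s\n", describe_prctl(query_ssbd()));
    int rc = request_ssbd();
    printf("opt-in: %s\n", rc == 0 ? "SSBD now forced for this task" : strerror(-rc));
    printf("prctl : %s\n", describe_prctl(query_ssbd()));
    return 0;
}
```

Note that the sysfs entry reports the kernel's view only: a guest kernel can show "Mitigation: ... via prctl and seccomp" only when the CPU (and, on Intel, its microcode) exposes SSBD to it, so this check also tells you whether the microcode half of the fix has reached the guest. Per-task opt-in is irreversible for the lifetime of the process, which is why it is normally done once at startup before any untrusted code is JIT-compiled.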