‘Venom’ vulnerability: a serious bug in many modern virtualization platforms

VENOM, CVE-2015-3456, an acronym for “Virtualized Environment Neglected Operations Manipulation”, is a serious bug in popular virtualization platforms including Xen, KVM, and Oracle’s VirtualBox. According to security experts, the bug has existed since 2004.

Jason Geffner, the CrowdStrike Senior Security Researcher who discovered it, says this vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host.

To prevent zero-day attacks, CrowdStrike responsibly disclosed VENOM to the QEMU Security Contact List, the Xen Security mailing list, the Oracle security mailing list, and the Operating System Distribution Security mailing list on April 30, 2015.

Virtualization products affected: Xen hypervisors, KVM (“kernel-based virtual machine”), Oracle VM VirtualBox, and the native QEMU client.

Virtualization products not affected: EMC-owned VMware and Microsoft Hyper-V.

Amazon: AWS, one of the biggest cloud service providers, says in its security bulletin that there is no risk to AWS customer data or instances.

Vendor advisories, patches, and notifications are available here.

Source: Crowdstrike.com