
Venom zero-day affects data centers and millions of end users

Heartbleed caused a big buzz back when security researcher Neel Mehta of Google's security team reported it; many websites, some of them very popular, were affected. The recently discovered zero-day vulnerability can cause catastrophic damage to data centers that use the KVM/QEMU and Xen hypervisors or VirtualBox for virtualization, while VMware and Hyper-V are unaffected. The defect lies in the virtual floppy disk controller and, believe it or not, the bug went undetected for more than a decade.


The Venom zero-day vulnerability was discovered by Jason Geffner, was assigned CVE-2015-3456, and was rated critical because of its large impact.
To take advantage of the Venom vulnerability, a dedicated hacker would need to gain access to a virtual machine with root privileges. Considering how easy it is to deploy a new OS at the various cloud hosting companies that use the affected virtualization software, renting a VM takes little effort. A potential hacker could then break out of the virtual machine on a cloud system, gain access to other data on the system's network, and execute remote code by overwriting critical structures in virtual machine memory. By exploiting the VENOM bug, one can gain unauthorized access to corporate intellectual property, including sensitive and personal data. Thousands of hosting companies and potentially millions of end users rely heavily on potentially affected virtual machines for hosting and storage.

The vulnerability specifically affects the open source Quick Emulator (QEMU) virtual floppy disk controller (FDC), which is used in various virtualization products (Xen, KVM, VirtualBox), along with the host operating system (OS X, Windows, Linux, etc.).

As a precaution, patch your servers and reboot as soon as possible.

Yum update

yum update qemu-kvm
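
Updating the package replaces the QEMU binary on disk, but a guest that was started before the update keeps running the old code until its process is restarted. The script below is an added example, not part of the original article: it lists QEMU processes whose executable was replaced after they started, assuming a Linux host, root privileges, and an emulator binary whose name starts with "qemu".

```shell
#!/bin/sh
# Added example: find QEMU guests still running the pre-update binary.
# Assumption: the emulator binary is named qemu* (qemu-kvm, qemu-system-*).
# Run as root so /proc/PID/exe is readable for every process.

# stale_qemu_pids [PROC_ROOT]
# Prints the PID of each QEMU process whose executable has been deleted or
# replaced on disk since the process started. PROC_ROOT defaults to /proc.
stale_qemu_pids() {
    proc_root="${1:-/proc}"
    for dir in "$proc_root"/[0-9]*; do
        [ -d "$dir" ] || continue
        # /proc/PID/exe links to the running binary; the kernel appends
        # " (deleted)" once a package update has unlinked the old file.
        exe=$(readlink "$dir/exe" 2>/dev/null) || continue
        case "$exe" in
            *" (deleted)") ;;
            *) continue ;;
        esac
        name=${exe##*/}
        case "$name" in
            qemu*) echo "${dir##*/}" ;;
        esac
    done
}

# report_stale_qemu [PROC_ROOT]
# Returns 0 when no guest runs a replaced binary, 1 otherwise.
report_stale_qemu() {
    pids=$(stale_qemu_pids "$1")
    if [ -z "$pids" ]; then
        echo "OK: no QEMU process is running a replaced binary"
        return 0
    fi
    for pid in $pids; do
        echo "STALE: pid $pid still runs the pre-update QEMU binary"
    done
    return 1
}

# On a hypervisor host, after the update: report_stale_qemu
```

Any PID reported as STALE belongs to a guest that has not yet picked up the patched emulator.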

More info:

https://access.redhat.com/articles/1444903

About nona (27 Articles)
Founder of The Hack Times, information gathering and cyber security specialist, always one step ahead. Open for communication.