This is potentially a very serious problem for your business and your sensitive data.
VENOM (Virtualized Environment Neglected Operations Manipulation), a vulnerability discovered by Jason Geffner, allows an attacker to escape a virtualized environment. The attacker is able to execute commands on the underlying system and even move on to other virtual machines that lie on the same host.
What does this mean to you?
You can be affected by this vulnerability:
- If you are using a virtual machine that is hosted on a vulnerable server, an attacker could gain access to your machine and steal any data / information hosted by you
- If you supply virtual services you are putting your customers at risk as an attacker could gain unauthorized access to their data
If this is the case you need to act now.
What should you do?
Ensure that your IT and Security department is made aware of this.
Jason Geffner has provided detailed information which systems are affected and what the necessary steps are to mitigate the issue. In short, not all virtualization software is affected. At the moment it has only been confirmed for QEMU’s floppy disc drivers which are used in KVM and XEN.
Patches for CVE–2015-3456 are available:
Xen Project: http://xenbits.xen.org/xsa/advisory-133.html
For more information please look at: http://venom.crowdstrike.com/