Security researchers have found a bug named VENOM (Virtualized Environment Neglected Operations Manipulation), a buffer overflow vulnerability affecting the Floppy Disk Controller (FDC) emulation implemented in the QEMU component of KVM/QEMU and Xen servers.
A few hypervisors, such as Microsoft Hyper-V, VMware, and Bochs, are not impacted by this vulnerability.
Jason Geffner, CrowdStrike Senior Security Researcher, discovered it while researching the security of virtual machine hypervisors.
How to protect my server from the VENOM vulnerability?
If you administer a Xen, KVM or native QEMU client system, install the updates with the yum package manager as follows:
Xen:
# yum update xen
KVM:
# yum update qemu-kvm
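The update replaces the QEMU binary on disk, but a guest that was started before the update keeps running the old code until it is powered off and started again. The script below is an added example, not part of the original post: it lists processes whose QEMU executable has been replaced on disk, which Linux marks with a " (deleted)" suffix in /proc/PID/exe. The function names, sample PIDs and sample paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: find QEMU processes still running a pre-update binary.

# Read "PID EXE_TARGET" lines on stdin and print the PIDs whose executable
# is a QEMU binary that was replaced on disk. The kernel appends
# " (deleted)" to the exe link target of such processes.
stale_qemu() {
    while read -r pid exe; do
        case "$exe" in
            *qemu*" (deleted)") echo "$pid" ;;
        esac
    done
}

# Emit "PID EXE_TARGET" for every process whose exe link is readable
# (run as root to see all processes).
scan_proc() {
    for d in /proc/[0-9]*; do
        exe=$(readlink "$d/exe" 2>/dev/null) || continue
        echo "${d#/proc/} $exe"
    done
}

# Constructed sample input: two guests started before the update,
# one started after it, and one unrelated process.
sample_input() {
    cat <<'EOF'
2211 /usr/libexec/qemu-kvm (deleted)
2390 /usr/libexec/qemu-kvm
2407 /usr/sbin/sshd
3120 /usr/bin/qemu-system-x86_64 (deleted)
EOF
}

if [ "${1:-}" = "--sample" ]; then
    sample_input | stale_qemu   # demo on the constructed sample
else
    scan_proc | stale_qemu      # live check on this host
fi
```

Every PID it prints belongs to a guest that still needs a full power-off and start to pick up the updated package.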
For more information: http://venom.crowdstrike.com/