Venom vulnerability bares its fangs: Protect your data center with these patches

May 13, 2015


A critical vulnerability called Venom (Virtualized Environment Neglected Operations Manipulation) has been discovered by Jason Geffner at the firm CrowdStrike.

The vulnerability is in a specific component in the open source virtualization package QEMU (which is also incorporated in other virtualization software such as Xen and KVM). Venom is a “VM escape” vulnerability that renders the host platform, all other VMs operating on the host platform, and any device operating on the host platform’s network potentially vulnerable.

Read More