Virtual bytes (VENOM) XEN and KVM/Qemu

home | blog | Teh Internet | guest blog |rants | political | projects | Gwen and Liam | Citadel patched | Tools | TMBG


- Careful Chrome users, this search box might be "Not secure"



Watch out for the latest vulnerability making the rounds.
Sounds like patches next week.
Those floppies can kill :-)
http://venom.crowdstrike.com/
Seems like a power off of the vm is needed to get the patch (not reboot).
Should be a fun week next week.

It looks like Richard WM Jones called it back in 2011!:
https://rwmj.wordpress.com/2011/05/24/what-is-svirt/
If this link breaks in future, I can summarize:
Use sVirt to only allow devices you need to limit the vulnerabilities (known and unknown) in the Qemu layer.



[æ]