Top Qs
Timeline
Chat
Perspective
VENOM
From Wikipedia, the free encyclopedia
Remove ads
VENOM (short for Virtualized Environment Neglected Operations Manipulation[1]) is a computer security flaw that was discovered in 2015 by Jason Geffner, then a security researcher at CrowdStrike.[2] The flaw was introduced in 2004 and affected versions of QEMU, Xen, KVM, and VirtualBox from that date until it was patched following disclosure.[3][4]
The existence of the vulnerability was due to a flaw in QEMU's virtual floppy disk controller.[5]
VENOM is registered in the Common Vulnerabilities and Exposures database as CVE-2015-3456.[6]
Remove ads
Background
QEMU is a widely used emulator and hypervisor that provides device emulation and virtualization for a variety of platforms and is reused by higher-level virtualization systems such as Xen and KVM.[7]
The VENOM vulnerability arose from a defect in QEMU's implementation of this FDC, which is used not only by standalone QEMU deployments but also by a range of virtualization platforms and cloud infrastructures that embed the relevant code.[7][8]
Remove ads
Discovery and disclosure
The vulnerability was discovered by Jason Geffner, a senior security researcher at CrowdStrike, during a security review of virtual machine hypervisors. CrowdStrike coordinated disclosure with QEMU maintainers and affected vendors, including the Xen Project and Linux distribution providers, before the issue was publicly announced.[9][8]
The vulnerability was disclosed publicly on 13 May 2015, together with a branded website and logo under the name "VENOM", and assigned the identifier CVE-2015-3456. Security advisories and updates were issued in quick succession by vendors such as Red Hat, SUSE, Oracle and IBM in the days following disclosure.[10][11][12]
Remove ads
References
Wikiwand - on
Seamless Wikipedia browsing. On steroids.
Remove ads