VENOM Vulnerability

This week, a security advisory identified as "VENOM" (Virtualized Environment Neglected Operations Manipulation), CVE-2015-3456, has been publicly announced. During Citrix Synergy, I have been getting questions about whether XenServer is affected and what customers should do about it.

Citrix recently released a Security Advisory (http://support.citrix.com/article/CTX201078) on VENOM as it relates to XenServer. While that should be your main source of updates, I thought I would give our answer some context here.

Citrix is working on a hotfix for XenServer, which we are planning to publish next week. Citrix is currently not aware of any publicly available exploit code for VENOM on XenServer.

People often ask why it takes time to produce a hotfix. The most significant part of the answer is that each hotfix we release has to pass a large number of tests. In addition to the usual functional regression tests, we run several days of (automated) stress tests: if there are any problems in a patch, the stress tests are normally where we find them. So, as background, here is a quick look at how something like VENOM could impact a XenServer deployment.

The VENOM vulnerability relates to a possible buffer overrun inside the device emulation layer (qemu) used in various virtualization platforms, including Xen- and KVM-based ones.

In particular, it affects the code that emulates a floppy drive device for HVM guests (for most customers this means Windows virtual machines, although on XenServer 6.5 newer versions of Linux guests also run in HVM mode). While XenServer does not actually make a floppy device visible to a VM, the code is still present.
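To illustrate what "a buffer overrun in the floppy emulation" means in practice, here is an added, simplified model (not qemu's or XenServer's code; all names such as fdc_state, data_pos and region are assumed) of an emulated controller's 512-byte data FIFO, with an unchecked write handler beside a bounds-checked one. A canary value placed directly behind the FIFO stands in for whatever host-side state would really sit there, and the harness reports whether it survives a guest that writes more bytes than the FIFO holds.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define FIFO_SIZE 512            /* emulated controller's data FIFO */
#define CANARY    0xDEADBEEFu    /* stands in for the host field behind it */

/* Simplified model (assumed names, not qemu's code): the FIFO and the
 * host-side field that sits right behind it share one region, so an
 * over-long guest write lands in the adjacent field. */
typedef struct {
    uint8_t region[FIFO_SIZE + sizeof(uint32_t)];
    uint32_t data_pos;           /* next write index into the FIFO */
} fdc_state;

void fdc_init(fdc_state *s) {
    memset(s, 0, sizeof *s);
    uint32_t c = CANARY;
    memcpy(s->region + FIFO_SIZE, &c, sizeof c);
}

/* Unchecked handler: trusts data_pos. If a command path fails to reset
 * it, the guest can keep writing past the 512-byte FIFO. */
void fdc_write_unchecked(fdc_state *s, uint8_t value) {
    s->region[s->data_pos++] = value;
}

/* Hardened handler: every guest-controlled write is bounded by the FIFO
 * length; an out-of-range write is dropped and the index reset. */
bool fdc_write_checked(fdc_state *s, uint8_t value) {
    if (s->data_pos >= FIFO_SIZE) {
        s->data_pos = 0;
        return false;            /* caller may flag a guest protocol error */
    }
    s->region[s->data_pos++] = value;
    return true;
}

/* Push n bytes through one handler; true if the adjacent field survived.
 * n is clamped so this harness itself never leaves the region. */
bool canary_intact_after(bool checked, unsigned n) {
    fdc_state s;
    fdc_init(&s);
    if (n > sizeof s.region) n = sizeof s.region;
    for (unsigned i = 0; i < n; i++) {
        if (checked) fdc_write_checked(&s, 0x41);
        else         fdc_write_unchecked(&s, 0x41);
    }
    uint32_t c;
    memcpy(&c, s.region + FIFO_SIZE, sizeof c);
    return c == CANARY;
}
```

The defensive point is the one the hotfix process exists for: guest-controlled indices into host buffers must be validated on every access, not only on the command paths the author happened to think of.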

Because of the additional security features in XenServer, our assessment of the situation is that the VENOM vulnerability could not currently be exploited by a guest to obtain unauthorized access to data.

We will of course keep the security bulletin up to date, and if you have any questions, please get in touch with Citrix Support.
