|
|
A security flaw has been found in QEMU’s Floppy Disk Controller (FDC) emulation code. It is advised you upgrade your versions of Xen/KVM as soon as possible.
This flaw only affects Xen & KVM virtualizations. No action is required for OpenVZ.
Details
An out-of-bounds memory access flaw was found in the way QEMU’s virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest.
The flaw affects all versions of QEMU going back to 2004, when the virtual floppy controller was first introduced. Fortunately there is no known exploit that can successfully attack the flaw so far. Yet VENOM is risky enough to be considered a high-priority vulnerability. In order to mount an exploit attempt, a user on the guest machine would need sufficient permissions to access the floppy disk controller I/O ports. On Linux guests, that means the user would need to have root access or otherwise elevated privilege. But on Windows guests, practically any user would have sufficient permissions.
Upgrading a KVM Hypervisor
yum update qemu-kvm
Following the update, the guests (virtual machines) need to be powered off and started up again for the update to take effect. Please note that it is not enough to restart the guests because a restarted guest would continue running using the same (old, not updated) QEMU binary.
Upgrading a Xen Hypervisor (RHEL 6)
yum update xen
Following the update, the guests (virtual machines) need to be powered off and started up again for the update to take effect. Please note that it is not enough to restart the guests because a restarted guest would continue running using the same (old, not updated) QEMU binary.
Upgrading a Xen Hypervisor (RHEL 5)
If your hypervisor is RHEL 5 and you use the 3.4.x version of Xen please see the following document https://documentation.solusvm.com/display/DOCS/Xen+3.4.x+RPM+Releases
References
http://www.theregister.co.uk/2015/05/13/heartbleed_eat_your_heart_out_venom_vuln_poisons_countless_vms
http://venom.crowdstrike.com
一个安全缺陷已经在QEMU的软盘控制器(FDC)仿真代码被发现。这是建议您尽快升级您的版本的Xen / KVM的。
这个漏洞仅影响的Xen和KVM virtualizations。需要OpenVZ的任何操作。
详细信息
一个彻头彻尾的越界内存访问漏洞被发现在QEMU虚拟软盘控制器(FDC)处理的FIFO缓冲区访问,同时处理某些FDC命令的方式。特权guest用户可以利用这个漏洞崩溃的客人或潜在的,具有相应的客人主机的QEMU进程的权限在主机上执行任意代码。
该漏洞影响所有版本的QEMU回到2004年,首次推出了虚拟软盘控制器时。幸运的是有没有已知的漏洞可以成功攻击漏洞至今。然而,毒液风险足以被认为是高优先级的漏洞。为了安装一个攻击企图,对来宾计算机的用户将需要足够的权限来访问软盘控制器I / O端口。在Linux客户机,这意味着用户需要有root访问权或以其他方式提升的权限。但在Windows来宾,几乎所有的用户将有足够的权限。
升级KVM管理程序
百胜更新QEMU-KVM
继更新,来宾(虚拟机)需要被关闭和再次启动的更新生效。请注意,这是不够的重启客人,因为客人重启将继续使用相同的(老了,没有更新)QEMU二进制运行。
升级Xen系统管理程序(RHEL 6)
百胜更新的Xen
继更新,来宾(虚拟机)需要被关闭和再次启动的更新生效。请注意,这是不够的重启客人,因为客人重启将继续使用相同的(老了,没有更新)QEMU二进制运行。
升级Xen系统管理程序(RHEL 5)
如果你的虚拟机管理程序是RHEL 5,你的Xen使用的3.4.x版本,请参阅下面的文档HTTPS://documentation.solusvm COM /显示/ DOCS / Xen的+ 3.4.x + RPM +发布
References
http://www.theregister.co.uk/ 2015/05/13/heartbleed_eat_ your_heart_out_venom_vuln_ poisons_countless_vms
http://venom.crowdstrike.com
- http://solusvm.com/blog/xen-kvm-security-announcement/
|
|
发表于 2015-5-15 04:11:52
楼主