Vulnerability in virtual drive makes attack on the host system of VMs possible




The firm CrowdStrike has discovered a vulnerability in the virtual floppy disk controller of QEMU. This component is used by Xen and KVM. The hole makes it possible to gain access to the host system on which the virtual machines run.

The security hole, which has been named Venom, was discovered in the virtual floppy controller. This controller is used by various hypervisors, including Xen, KVM and the native QEMU client. The hypervisors Microsoft Hyper-V, VMware and Bochs are not vulnerable.

According to CrowdStrike, QEMU's virtualized floppy drive controller contains a bug that is triggered when certain commands are sent. This causes a buffer overflow, and malicious code can then be executed in the hypervisor. The result is that an attacker can potentially attack other virtual machines or the underlying operating system.

To exploit the bug in the virtual floppy controller, an attacker, or the malware used, must have root privileges or administrator access on the virtual guest system. Furthermore, all underlying host operating systems on which the hypervisor runs are vulnerable to the Venom security hole.

The bug has been present in the QEMU source code since 2004 and can in some cases also be abused when the virtual floppy drive controller is disabled in the hypervisor. Much virtualization software is said to have been updated by now, so that the vulnerability is fixed.
