Vulnerability CVE-2015-3456 (VENOM) — KVM/QEMU Update Required

Vulnerability CVE-2015-3456 (VENOM) — KVM/QEMU Update Required

Yesterday, information was released about the vulnerability CVE-2015-3456, named VENOM. This vulnerability pertains to the KVM/QEMU virtualization system, which is built into the Linux kernel and widely used for organizing VDS nodes.

A critical flaw was found in the software implementation of the virtual floppy disk driver, potentially allowing an attacker to crash the virtual machine or, in some cases, execute arbitrary code on the host machine. More information about CVE-2015-3456 can be found in the articles USN-2608-1: QEMU vulnerabilities, VENOM: QEMU vulnerability (CVE-2015-3456), and on the Crowdstrike website.

It is worth noting that there are currently no publicly available tools for hacking the host machine, but they may emerge in the future.

Our host machines supporting VDS clusters are running the latest versions of KVM/QEMU. We conduct regular security audits and monitor our infrastructure 24/7 to ensure reliable operation. A small number of VDS nodes will, however, require us to install the corresponding updates and restart the virtual servers.

This work will be carried out over the next 48 hours. During this period, virtual servers on the affected VDS nodes may be restarted. Our engineers are currently developing an update procedure to minimize any impact on users’ virtual machines.

We strongly recommend that clients using dedicated servers as VDS nodes also perform software updates. For assistance, our technical support service is available to help.