VENOM explained

VENOM (short for Virtualized Environment Neglected Operations Manipulation[1]) is a computer security flaw that was discovered in 2015 by Jason Geffner, then a security researcher at CrowdStrike.[2] The flaw was introduced in 2004 and affected versions of QEMU, Xen, KVM, and VirtualBox from that date until it was patched following disclosure.[3][4]

The vulnerability was caused by a flaw in QEMU's virtual floppy disk controller.[5]

VENOM is registered in the Common Vulnerabilities and Exposures database as .[6]

Notes and References

  1. Richard A. Clarke; Robert K. Knake (2019). The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats. Penguin. pp. 320–. ISBN 978-0-525-56197-2.
  2. "VENOM Vulnerability". Venom.crowdstrike.com. Archived at https://web.archive.org/web/20150513104122/http://venom.crowdstrike.com/ on May 13, 2015; original link dead.
  3. Whittaker, Zack (May 13, 2015). "Bigger than Heartbleed, 'Venom' security vulnerability threatens most datacenters". Retrieved 11 November 2017.
  4. Dan Goodin (May 14, 2015). "Extremely serious virtual machine bug threatens cloud providers everywhere". Ars Technica. Retrieved 11 November 2017.
  5. Stone, Jeff (May 14, 2015). "Venom Security Flaw: Bug Exploits Floppy Drive, But Researchers Say Threat Overstated". International Business Times. IBT Media. Retrieved 11 November 2017.
  6. Marc Dacier; Michael Bailey; Michalis Polychronakis; Manos Antonakakis (2017). Research in Attacks, Intrusions, and Defenses: 20th International Symposium, RAID 2017, Atlanta, GA, USA, September 18–20, 2017, Proceedings. Springer. pp. 422–. ISBN 978-3-319-66332-6.