Petronella Blog Archive

A Threat to All Cloud Providers

A bug in virtual machines makes it possible for hackers to take control of cloud services.

The vulnerability, called VENOM (for "virtualized environment neglected operations manipulation"), has existed for over a decade and is said to be as serious as Heartbleed. It is a bug in several popular virtual machine platforms that lets hackers break out of a guest environment and take control of the host operating system the VM runs on. It is so serious because it breaks through the protections on cloud servers that keep different accounts and data separate.

The VENOM vulnerability is known to exist in KVM, QEMU and Xen; Bochs, Microsoft Hyper-V and VMware are not affected. The operating system used on the virtual machine does not matter, although to exploit the bug the hacker must first gain administrative or root permissions. Patches and workarounds are available for some systems, and it's likely that they'll be available for all of them soon.

Fortunately, it does not appear that VENOM is being actively exploited. However, given the wide range of platforms susceptible to it, fixing this bug should be a top priority.