venom / vm breakout intrusions
Posted: Mon May 18, 2015 11:14 am
Dear,
I hope this is a correct place to ask. Regarding the Venom vulnerability vs Grsec/PaX
http://www.rapid7.com/resources/videos/ ... lained.jsp
http://blog.erratasec.com/2015/05/some- ... VoBM_mUd8E
This is a vulnerability in the Xen, QEMU floppy-disk-controller which could permit an attacker (with admin right privilege) to break out of a VM onto the host. This attack could/may move laterally to another VM etc.
I assume running a grsec/pax hardened kernel on the host would mitigate against this type of attack, or would one also have to run it inside the VM?
From https://securityblog.redhat.com/2015/05 ... et-bitten/ ... "Depending on the location of the FIFO memory buffer, this can either result in stack or heap overflow. For all of the Red Hat Products using QEMU the FIFO memory buffer is allocated from the heap."
Thank you for your consideration,
Joris