Dear,
I hope this is a correct place to ask. Regarding the Venom vulnerability vs Grsec/PaX
http://www.rapid7.com/resources/videos/ ... lained.jsp
http://blog.erratasec.com/2015/05/some- ... VoBM_mUd8E
This is a vulnerability in the Xen, Qemu floppy-disk-controller which could permit for an attacker ( with admin right privilege ) to break out of a VM onto the host. This attack could/may move laterally to another VM etc.
I assume running a grsec/pax hardened kernel on the host would mitigate against this type of attack or would one also have to run it inside the VM ?
from https://securityblog.redhat.com/2015/05 ... et-bitten/ ... "Depending on the location of the FIFO memory buffer, this can either result in stack or heap overflow. For all of the Red Hat Products using QEMU the FIFO memory buffer is allocated from the heap."
Thank you for your consideration,
Joris
venom / vm breakout intrusions
2 posts
• Page 1 of 1
venom / vm breakout intrusions
by jlambrecht » Mon May 18, 2015 11:14 am
- jlambrecht
- Posts: 45
- Joined: Wed Oct 29, 2014 11:45 am
Re: venom / vm breakout intrusions
by jlambrecht » Tue Jun 02, 2015 3:24 am
No response, i assume there is no reason for asking the question then.
- jlambrecht
- Posts: 45
- Joined: Wed Oct 29, 2014 11:45 am
2 posts
• Page 1 of 1