Date: Wed, 13 May 2015 23:20:40 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com
Subject: Re: VENOM - CVE-2015-3456

On Wed, May 13, 2015 at 11:57:20PM +0300, Solar Designer wrote:
> On Wed, May 13, 2015 at 12:22:19PM +0000, Jason Geffner wrote:
> > VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms.
>
> Some bits of contemporary history, off Twitter:
>
> <nelhage> All I have to say about VENOM is that I was exploiting obsolete hardware in qemu years before it was cool. https://blog.nelhage.com/2011/08/breaking-out-of-kvm/
> <solardiz> @nelhage I think @taviso was there first, with emulated Cirrus Logic VGA (CVE-2007-1320) and NE2000 vulns in QEMU. http://taviso.decsystem.org/virtsec.pdf

Yeah, we fixed a lot of them, some less, some more exploitable.

I had some confusion about whether the fdc is disabled or not with regard to -nodefaults, so I wrote a small PoC.

(and no, -nodefaults does not disable the fdc)

Ciao, Marcus

View attachment "xx.c" of type "text/x-c" (208 bytes)