Crowdstrike on Wednesday made public its discovery of yet another long-buried Linux vulnerability. "Venom," as it has been dubbed, was unearthed by the firm's senior security researcher, Jason Geffner. It is listed as vulnerability CVE-2015-3456. Venom exists in the virtual floppy drive code used by virtualization platforms based on QEMU, or quick emulator. It has been around since 2004. The code probably went undetected for 11 years because "it's not obvious at all that this is a vulnerability," Geffner said.
from TechNewsWorld http://ift.tt/1KP2wib
No comments:
Post a Comment