VENOM’s little brother is here – another Qemu security upgrade required

A new Qemu vulnerability has been discovered recently. We are going to proactively reboot all VMs during the next days.

Update 2015-08-05: The VM restarts will be performed during maintenance windows according to every customers’ schedule tonight.  We decided to skip the regular lead time due to the importance of this update and to speed up another important update to our storage and backup infrastructure. We are paying close attention to keep your applications and your data safe, especially after the events in recent months. The current and upcoming changes belong to the promised updates, upgrades, and improvements to our infrastructure in response to those outages.

The security problem is quite similar to the VENOM bug published two months ago. Using a closely related method, attackers could break out of virtual machines and execute code directly on the host systems. RedHat rates this problem as “important”. We will proactively apply the patch on all VM hosts and reboot all VMs.

All technical contacts will be notified with the reboot schedule. Alternatively, you can review scheduled maintenance for all your VMs through the customer UI.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s