Red Hat Product Security has been made aware of a 'buffer overflow' vulnerability affecting the Floppy Disk Controller (FDC) emulation implemented in the QEMU component of the KVM/QEMU and Xen hypervisors. The vulnerability, which has been assigned CVE-2015-3456 and is now being referred to as VENOM
, was discovered by Jason Geffner of CrowdStrike, Inc. The vulnerability was rated as having an Important impact.
All server nodes will be rebooted at this time to ensure that our systems are protected with the latest patches. You can read more about this vulnerability here:https://access.redhat.com/articles/1444903 http://arstechnica.com/security/2015/05/extremely-serious-virtual-machine-bug-threatens-cloud-providers-everywhere/