VENOM vulnerability and XenServer

Jun 4, 2015

You probably heard about the VENOM attack few weeks ago.

And you also probably saw the logo:

Let's have some perspective on this one. 4 things to know:

  • it affects only HVM guests
  • it needs a root access on the vulnerable guest to be exploited
  • there a patch available for XenServer
  • keep calm and uses Xen Orchestra

The patch is of course already out.

With Xen Orchestra, the new VENOM patch is automatically displayed on the host view. And you just have to install it in one click. See for yourself:

This click triggers these events:

  • xo-server will automatically download the VENOM patch on the Citrix website
  • unzip it and upload it to your host
  • everything on the fly! (using the powerful streams in Node.js)
  • finally apply the patch automatically.

And that's all, your are now fully protected from the VENOM exploit.

Beside you can also doing it the "old way", but you have to:

  1. Download the update to a known location on a computer that has XenCenter installed.
  2. In XenCenter, on the Tools menu, select Install Update. This displays the Install Update wizard.
  3. Click Next to start the wizard.
  4. Click Add to upload a new update.
  5. Browse to the location where you downloaded the hotfix, select it, and then click Open.
  6. From the list of updates select and then click Next.
  7. Select the hosts you wish to apply the hotfix to, and then click Next.
  8. Follow the recommendations to resolve any upgrade prechecks and then click Next.
  9. Choose how to perform post-update tasks. In the Post update options section, select automatically or manually, and then click Install update.
  10. When the installation process is complete, click Finish to exit the wizard.

And all of that, if you know there is a patch to download!

10 steps VS 1, make your choice ;)

Olivier Lambert

Vates CEO & co-founder, Xen Orchestra and XCP-ng project creator. Enthusiast entrepreneur and Open Source advocate. A very happy Finnish Lapphund owner.