VENOM Security Vulnerability – CVE-2015-3456

Today a security vulnerability (CVE-2015-3456) known as VENOM was publicly announced. This bug is described in detail here and here.

At MNX.io, we run SmartOS. Our architecture runs QEMU inside of an additional secure container. This means that if an attacker were to exploit this, they would be confined inside their existing secure container and would NOT affect other customers.

We will be patching the software to completely remove this flaw, and will roll that out to our customers in a future build.

If you have any questions, please contact support by submitting a request in our operations portal at https://ops.mnx.io.