Before we begin, let’s describe what Docker is. Docker is a set of virtualization tools that allows us to create, test, and deploy containerized applications quickly and easily. It has become very popular and used almost everywhere in our daily lives. Thanks to containerization, we can quickly launch applications on different platforms utilizing small bundles which contain all the needed packages, libraries and configuration file to run an application. These docker packages communicate via established network channels.
VENOM, or Virtualized Environment Neglected Operations Manipulation, was made public on May 13, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Specifically a flaw with how QEMU handles out-of-bounds memory access, exploitation can cause the entire hypervisor to crash and may allow an attacker to access other virtual machines outside of their own.
Made public on May 13, 2015
This flaw exploits QEMU, a generic and open source machine emulator.
Allows for an attacker to access other virtual machines outside of their own.