[CentOS] OpenSSL Heartbeat exploit agains KVM guest systems

8 Apr 2014


      Is it possible to use this exploit against a kvm guest to read memory used by
the host?  In other words: if an exploitable service, say httpd with mod_ssl,
is running in guest system 'vm1' hosted on system 'virthost' then what
implications does that have with respect to guests vm2 and vm3 and to virthost
itself?
-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[CentOS] OpenSSL Heartbeat exploit agains KVM guest systems