“VENOM” security vulnerability (CVE-2015-3456)
  • IBM Cloud Platform
  • London
  • Description
    On May 13th, 2015, CVE-2015-3456, a security vulnerability also known as “VENOM”, was publicly announced. This bug may be present in virtualization environments and could potentially exploit a VM’s virtual floppy driver.
    Bluemix engineers have determined that the Bluemix platform is not affected.
    User action not required.
    For more information see VENOM (http://venom.crowdstrike.com/) and CVE-2015-3456 (https://access.redhat.com/security/cve/CVE-2015-3456).