Venom Vulnerability and SiteGround Cloud and VPS Accounts

A serious security issue in one of the world’s most popular machine emulator and virtualizer QEMU, used by the most popular virtualization systems – KVM, Xen and others has been discovered. The so-called Venom attack allows an user with root access to his/her virtual machine to gain root access to the entire host node under special circumstances. An official patch of for qemu-kvm has already been released and it fixes the vulnerability.

How This Affects SiteGround Customers?

As we wrote in a blog post in January, we have switched our former VPS service to a new cloud hosting platform running on Linux containers. This platform does not use KVM or any other virtualization method, as it is based on Linux containers, which means that all SiteGround customers that launched their cloud plan after January 21st 2015, are not affected in any way by this vulnerability.

However, our VPS and Cloud accounts ordered before the launch of our new container-based service are still using the KVM-based virtualization. The good news is that in order to gain root access to a VPS node, the attacker needs root access to at least one of the virtual machines on this node. For security reasons that now pay off, we do not provide such access to our VPS and cloud users. This means that even if you are on a SiteGround KVM-based machine, we’ve still got you covered.

Nevertheless, the vulnerability exists and it has to be patched. This is why our security team have been working around the clock since the exploit has been announced. The official patch has been tested and we’re currently deploying it on all KVM-based accounts that we have. The patch requires a reboot of the virtual machine in order to be applied, which will result in approximately 2 to 3 minutes downtime per account. If your account is affected by this security reboot, you will be notified in your User Area.