VENOM

VENOM (short for Virtualized Environment Neglected Operations Manipulation ) is a computer security flaw that was discovered in 2015 by Jason Geffner, then a security researcher at CrowdStrike. The flaw was introduced in 2004 and affected versions of QEMU, Xen, KVM, and VirtualBox from that date until it was patched following disclosure.

The existence of the vulnerability was due to a flaw in QEMU's virtual floppy disk controller.

VENOM is registered in the Common Vulnerabilities and Exposures database as.