OpenVZ (Vzctl) – SimFS To Ploop Container Takeover Vulnerability
OpenVZ (Open Virtuozzo) is an operating system-level virtualization technology based on the Linux kernel and operating system. OpenVZ allows a physical server to run multiple isolated operating system instances, called containers, virtual private servers (VPSs), or virtual environments (VEs).
It is possible for a malicious user with a SimFS container to take over another users Ploop container under certain circumstances, particularly that the Ploop container is not currently running.
Vendor Contact Timeline:
2015-07-30: Vendor contacted via email.
2015-07-31: Vendor confirms vulnerability.
2015-08-25: Vendor issues update.
2015-08-26: RACK911 Labs issues security advisory.
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119