Dear all, I am using CloudStack 4.2.0 and KVM. My hypervisor hosts are using Ubuntu 12.04 LTS. Due to VENOM vulnerability, I upgraded QEMU on my Ubuntu hosts to the latest version on Ubuntu repository package:
qemu-kvm 1.0+noroms-0ubuntu14.22 as per below recommendation: http://www.ubuntu.com/usn/usn-2608-1/ After the upgrade, I noted that the attach ISO function doesn't work: - During Windows OS installation, I tried to attach VirtIO driver ISO but it cannot browse the file; - I attached a Linux installation ISO and reboot a VM, it cannot detect the CD/DVD drive. - Generally, it seems that I can only view content of an attached ISO only after I reboot the VM. Prior to the upgrade, this was not the case and an attached ISO is normally detected and browse-able immediately after being attached. Prior to this, I am using older version of QEMU 1.5.1 compiled from source, and to address the VENOM issue, I decided to revert back to the QEMU package provided by Ubuntu. Could this be the reason? I didn't download and compile QEMU from source since the latest version available on QEMU website: version 2.3.0 is released before VENOM vulnerability was disclosed so I am not too sure whether it contains the latest patches to address the vulnerability. Any advice is highly appreciated. Thank you.
