Wednesday, June 13, 2012

US-CERT warns of guest-to-host VM escape vulnerability

Summary: The vulnerability affects 64-bit operating systems and virtualization software running on Intel CPU hardware.


The U.S. Computer Emergency Readiness Team (CERT) has issued an alert for a dangerous guest-to-host virtual machine escape vulnerability affecting virtualization software from multiple vendors.

The vulnerability, which affects 64-bit operating systems and virtualization software running on Intel CPU hardware, exposes users to local privilege escalation attack or a guest-to-host virtual machine escape.


A ring3 attacker may be able to specifically craft a stack frame to be executed by ring0 (kernel) after a general protection exception (#GP). The fault will be handled before the stack switch, which means the exception handler will be run at ring0 with an attacker’s chosen RSP causing a privilege escalation.

Affected vendors include Intel Corp., FreeBSD, Microsoft, NetBSD, Oracle, RedHat, SUSE Linux and Xen.

The US-CERT advisory contains a full list of affected software and links to vendor-supplied patches.
VMWare says its products are not affected by this issue.
__________________

No comments:

Post a Comment

We are sorry we currently had to disable Disqus comments till further notice, as they currently have issues with this platform. For now feel free to use (but NOT ABUSE) this temporary comment system. We will be able to re-import into the previous comment system once the transition is complete. Thank you.

Please note: All comments are subject to moderation before appearance on this site.