src: securingtomorrow.mcafee.com
In computer security, virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system. A virtual machine is a "completely isolated guest operating system installation within a normal host operating system". In 2008, a vulnerability (CVE-2008-0923) in VMware discovered by Core Security Technologies made VM escape possible on VMWare Workstation 6.0.2 and 5.5.4. A fully working exploit labeled Cloudburst was developed by Immunity Inc. for Immunity CANVAS (commercial penetration testing tool). Cloudburst was presented in Black Hat USA 2009.
Video Virtual machine escape
Previous known vulnerabilities
- CVE-2007-1744 Directory traversal vulnerability in shared folders feature for VMware
- CVE-2008-0923 Directory traversal vulnerability in shared folders feature for VMware
- CVE-2009-1244 Cloudburst: VM display function in VMware
- CVE-2012-0217 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier
- CVE-2014-0983 Oracle VirtualBox 3D acceleration multiple memory corruption
- CVE-2015-3456 VENOM: buffer-overflow in QEMU's virtual floppy disk controller
- CVE-2015-7835 Xen Hypervisor: Uncontrolled creation of large page mappings by PV guests
- CVE-2016-6258 Xen Hypervisor: The PV pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases (e.g. clearing only Access/Dirty bits). The bits considered safe were too broad, and not actually safe.
- CVE-2016-7092 Xen Hypervisor: Disallow L3 recursive pagetable for 32-bit PV guests
- CVE-2017-0075 Hyper-V Remote Code Execution Vulnerability
- CVE-2017-0109 Hyper-V Remote Code Execution Vulnerability
- CVE-2017-4903 VMWare ESXi, Workstation, Fusion: SVGA driver contains buffer overflow that may allow guests to execute code on hosts
- CVE-2017-4934 VMware Workstation, Fusion: Heap buffer-overflow vulnerability in VMNAT device that may allow a guest to execute code on the host
- CVE-2017-4936 VMware Workstation, Horizon View : Multiple out-of-bounds read issues via Cortado ThinPrint may allow a guest to execute code or perform a Denial of Service on the Windows OS
Maps Virtual machine escape
See also
- Hyperjacking
src: i.ytimg.com
References
src: i.ytimg.com
External links
- CVE-2008-0923
- Cloudburst (Hacking 3D And Breaking Out Of Vmware) Blackhat 2009 (Video)
- https://technet.microsoft.com/library/security/MS17-008
Source of the article : Wikipedia