Virtual machine escape

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Codename Lisa (talk | contribs) at 11:05, 16 November 2016 (→‎top: Removed patent nonsense). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer security, virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system.[1] A virtual machine is a "completely isolated guest operating system installation within a normal host operating system".[2] In 2008, a vulnerability (CVE-2008-0923) in VMware discovered by Core Security Technologies made VM escape possible on VMWare Workstation 6.0.2 and 5.5.4.[3][4] A fully working exploit labeled Cloudburst was developed by Immunity Inc. for Immunity CANVAS (commercial penetration testing tool).[5] Cloudburst was presented in Black Hat USA 2009.[6]

Previous known vulnerabilities

  • CVE-2007-1744 Directory traversal vulnerability in shared folders feature for VMware
  • CVE-2008-0923 Directory traversal vulnerability in shared folders feature for VMware
  • CVE-2009-1244 Cloudburst: VM display function in VMware
  • CVE-2012-0217 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier
  • CVE-2014-0983 Oracle VirtualBox 3D acceleration multiple memory corruption
  • CVE-2015-3456 VENOM: buffer-overflow in QEMU's virtual floppy disk controller
  • CVE-2015-7835 Xen Hypervisor: Uncontrolled creation of large page mappings by PV guests
  • CVE-2016-6258 Xen Hypervisor: The PV pagetable code has fast-paths for making updates to pre-existing

pagetable entries, to skip expensive re-validation in safe cases (e.g. clearing only Access/Dirty bits). The bits considered safe were too broad, and not actually safe.

  • CVE-2016-7092 Xen Hypervisor: Disallow L3 recursive pagetable for 32-bit PV guests

References

  1. ^ What is VM Escape? - The Lone Sysadmin
  2. ^ "Virtual Machines: Virtualization vs. Emulation". Retrieved 2011-03-11.
  3. ^ Core Security Technologies
  4. ^ Researcher: Critical vulnerability found in VMware's desktop apps | ZDNet
  5. ^ Hacking Tool Lets A VM Break Out And Attack Its Host - Dark Reading
  6. ^ Black Hat ® Technical Security Conference: USA 2009 // Briefings

External links


Stub icon

This computing article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Virtual_machine_escape&oldid=749830461"