Breaking Isolation: A New Perspective on Hypervisor Exploitation Via Cross-Domain Attacks

Hypervisors are under threat by critical memory safety vulnerabilities, with pointer corruption being one of the most prevalent and severe forms. Existing exploitation frameworks depend on identifying highly-constrained structures in the host machine and accurately determining their runtime...

USN-7123-1 linux-azure vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service system crash or possibly expose sensitive information...

Unable to Interact with Some Hypervisors and Cloud Platforms

Veeam Backup & Replication 13.0.1 Upgrade Warning During the upgrade to Veeam Backup & Replication 13.0.1 or higher, the following warning may be displayed: Incompatible backup server certificate The certificate does not support child certificates creation and must be replaced for virtualization...

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations an...

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...

Fresh Spectre Variants Come to Light

Two new speculative execution bugs have earned researchers a $100,000 bug bounty from Intel. MIT’s Vladimir Kiriansky and independent researcher Carl Waldspurger uncovered what they call Spectre1.1 and a subset, Spectre1.2, collectively referred to as Variant 4 of Spectre by Intel and ARM. Like t...

FreeBSD : qemu, xen and VirtualBox OSE -- possible VM escape and code execution ('VENOM') (2780e442-fc59-11e4-b18b-6805ca1d3bb1) (Venom)

Jason Geffner, CrowdStrike Senior Security Researcher reports : VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine VM...

SA95 : VENOM Vulnerability in Virtualization Platforms

SUMMARY The VENOM vulnerability allows a local guest user in affected virtualized platforms to escape from the virtual environment and execute code on the host. An attacker can use this vulnerability to gain complete access to the host and to the host's local network and adjacent systems. AFFECTE...

Venom Vulnerability Exposes Most Data Centers to Cyber Attacks

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web services insecure, potentially exposing Millions of plain-text passwords. But...

qemu, xen and VirtualBox OSE -- possible VM escape and code execution ("VENOM")

Jason Geffner, CrowdStrike Senior Security Researcher reports: VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine VM...