New VMScape attack breaks guest-host isolation on AMD, Intel CPUs

circuscritic@lemmy.ca · 10 months

I skimmed most of the article, glad to see it’s been patched.

It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS.

So maybe not a huge risk exclusively for self hosted configurations?

frongt@lemmy.zip · 10 months

Mostly no, unless you expose your VM to the Internet or run untrusted code.

TheBlackLounge@lemmy.zip · 10 months

Anybody who does docker compose pull for any service?

circuscritic@lemmy.ca · 10 months

It’s a QEMU specific vulnerability.

ferret@sh.itjust.works · 10 months

It is a CPU vulnerability, so while the researchers used QEMU for their example, it is not necessarily specific to it.