Google’s Project Zero has released another vulnerability report showing a proof-of-concept exploit against the open source KVM hypervisor that allows an attacker to escape a virtual machine on AMD-based servers and gain control of the underlying host system.

“To the best of my knowledge,” said Project Zero researcher Felix Wilhelm of his discovery, “this is the first public attribution of a KVM guest-to-host breakout that is not due to faults in user area components such as QEMU.”

The vulnerability, demonstrated by a proof-of-concept attack that launches a shell on a host system with an AMD Epyc 7351P processor, stems from features that are exclusive to AMD chips; Intel, AMD's long-time rival and the current holder of the majority of the server market, remains unaffected.

“AMD’s recent surge in server market share means that AMD’s implementation of KVM has suddenly …


