Monday, November 10, 2008

VMware Security Notice: CPU flaw may lead to guest VM privilege escalation!

Good to see VMware addressing the issue immediately. This is the one I also mentioned [briefly explained] when explaining the Rings and methods of deprivileging that are used to host guest VMs on a platform, in my last BrightTalk Summit talk.

VMware products emulate hardware functions and create the
possibility to run guest operating systems.

A flaw in the CPU hardware emulation might allow the virtual CPU to
incorrectly handle the Trap flag. Exploitation of this flaw might
lead to a privilege escalation on guest operating systems. An
attacker needs a user account on the guest operating system and
have the ability to run applications.

VMware would like to thank Derek Soeder for discovering
this issue and working with us on its remediation.


No comments yet