Application isolation and virtualization provide a false sense of cybersecurity – It’s time for a better solution

A recently discovered critical vulnerability presents yet another case study for the shortcomings of the isolation/virtual machine model for cybersecurity.




The vulnerability, CVE-2019-14378, has a severity of 8.8, and was first published in the National Vulnerability Database on July 29th, 2019. The vulnerability affects QEMU, the popular open source machine emulator and virtualizer.


Short for “Quick Emulator”, QEMU is embedded software written in C/C++ that acts as an interface between a guest system and the actual hardware it uses. Software of this kind, known as a “hypervisor,” keeps machines separate from other machines using the same host, protecting them in the event another machine is infected. Using a “virtual machine” also allows you to test out different software and apps not used by your host system – including suspected malware – without worrying that it’ll affect your physical system. But what happens when a vulnerability allows a hacker to break out from one hypervisor and execute code on the host computer itself?


This is the case with CVE-2019-14378, which can allow a malicious actor to run malware on the host computer from a virtual machine. The flaw could allow hackers to carry out a “virtual machine escape,” letting the guest operating system attack the host operating system that runs QEMU, execute code at the QEMU level, or crash the QEMU process altogether. In other words, an embedded vulnerability in one stack can lead to compromised components elsewhere in the system.


The vulnerability also reveals how even if the coding languages you use are safe from arbitrary code execution – as is the case with Java – once an attacker manages to pen ..
