How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

Pair of bug reports show how VM escapes put servers at risk


A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box.


Neither CVE-2019-14835 nor CVE-2019-5049 is particularly easy to exploit, as both require specific types of hardware or events to occur. However, if exploited successfully, either could allow a miscreant to run malware on the host from a VM instance.


CVE-2019-14835 was discovered and reported by Peter Pi, a member of the Tencent Blade Team. It is found in ..
