11-Year-Old Bug in Virtual Floppy Drive Code Allows Escape from Virtual Machines


Popular virtualization platforms relying on the virtual Floppy Disk Controller code from QEMU (Quick Emulator) are susceptible to a vulnerability that allows executing code outside the guest machine.

Among the affected platforms are Xen, KVM (Kernel-based Virtual Machine) and the native QEMU client, which are used by various cloud computing services.

In a blog post published on Mon… (read more)

Read more at Softpedia News