July 27, 2015

QEMU Vulnerability Exposes The Host Through Emulated CD-ROM Drive

Back in May was the big "VENOM" security vulnerability affect QEMU whereby VM security could be escaped through QEMU's virtual floppy disk drive. In June was a PCNET controller buffer overflow allowing a guest to escape to have host access. Today there's a similar security vulnerability going public about its virtual CD-ROM drive...

Read more at Phoronix
Click Here!