Pair of bug reports show how VM escapes put servers at risk

Discussion in 'other security issues & news' started by mood, Sep 16, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    Vulnerability Spotlight: AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability
    September 16, 2019
    https://blog.talosintelligence.com/2019/09/vuln-spotlight-AMD-Radeon-ATI-sept-19.html
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    Pair of bug reports show how VM escapes put servers at risk
    September 18, 2019
    https://www.theregister.co.uk/2019/09/18/vmware_amd_hypervisor_escapes/
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    AMD Display Driver Security Updates address CVE-2019-5685
    September 17, 2019
    https://blogs.vmware.com/security/2...r-security-updates-address-cve-2019-5685.html
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    AMD patches critical vulnerabilities in its Radeon graphics cards
    January 22, 2020
    https://hotforsecurity.bitdefender....ities-in-its-radeon-graphics-cards-22163.html
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,198
    I'm no expert, but I suspect that giving VMs direct access to the graphics card (for better performance) is the problem.
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    VMware Warns Over AMD Driver Vulnerabilities
    January 27, 2020
    https://www.cbronline.com/cybersecurity/threats/amd-driver-vulnerability/
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,907
    VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest
    March 13, 2020
    https://securityaffairs.co/wordpress/99578/security/vmware-workstation-critical-bug.html
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.