- Joined
- May 13, 2010
- Messages
- 5,704 (1.12/day)
System Name | RemixedBeast-NX |
---|---|
Processor | Intel Xeon E5-2690 @ 2.9Ghz (8C/16T) |
Motherboard | Dell Inc. 08HPGT (CPU 1) |
Cooling | Dell Standard |
Memory | 24GB ECC |
Video Card(s) | Gigabyte Nvidia RTX2060 6GB |
Storage | 2TB Samsung 860 EVO SSD//2TB WD Black HDD |
Display(s) | Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900 |
Case | Dell Precision T3600 Chassis |
Audio Device(s) | Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC |
Power Supply | 630w Dell T3600 PSU |
Mouse | Logitech G700s/G502 |
Keyboard | Logitech K740 |
Software | Linux Mint 20 |
Benchmark Scores | Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P |
Summary: The vulnerability affects 64-bit operating systems and virtualization software running on Intel CPU hardware.
The U.S. Computer Emergency Readiness Team (CERT) has issued an alert for a dangerous guest-to-host virtual machine escape vulnerability affecting virtualization software from multiple vendors.
The vulnerability, which affects 64-bit operating systems and virtualization software running on Intel CPU hardware, exposes users to local privilege escalation attack or a guest-to-host virtual machine escape.
From the advisory:
A ring3 attacker may be able to specifically craft a stack frame to be executed by ring0 (kernel) after a general protection exception (#GP). The fault will be handled before the stack switch, which means the exception handler will be run at ring0 with an attacker’s chosen RSP causing a privilege escalation.
Affected vendors include Intel Corp., FreeBSD, Microsoft, NetBSD, Oracle, RedHat, SUSE Linux and Xen.
The US-CERT advisory contains a full list of affected software and links to vendor-supplied patches.
VMWare says its products are not affected by this issue.
The U.S. Computer Emergency Readiness Team (CERT) has issued an alert for a dangerous guest-to-host virtual machine escape vulnerability affecting virtualization software from multiple vendors.
The vulnerability, which affects 64-bit operating systems and virtualization software running on Intel CPU hardware, exposes users to local privilege escalation attack or a guest-to-host virtual machine escape.
From the advisory:
A ring3 attacker may be able to specifically craft a stack frame to be executed by ring0 (kernel) after a general protection exception (#GP). The fault will be handled before the stack switch, which means the exception handler will be run at ring0 with an attacker’s chosen RSP causing a privilege escalation.
Affected vendors include Intel Corp., FreeBSD, Microsoft, NetBSD, Oracle, RedHat, SUSE Linux and Xen.
The US-CERT advisory contains a full list of affected software and links to vendor-supplied patches.
VMWare says its products are not affected by this issue.