Karna@lemmy.ml to Selfhosted@lemmy.worldEnglish · 17 hours agoNew VMScape attack breaks guest-host isolation on AMD, Intel CPUswww.bleepingcomputer.comexternal-linkmessage-square4fedilinkarrow-up146arrow-down10
arrow-up146arrow-down1external-linkNew VMScape attack breaks guest-host isolation on AMD, Intel CPUswww.bleepingcomputer.comKarna@lemmy.ml to Selfhosted@lemmy.worldEnglish · 17 hours agomessage-square4fedilink
minus-squarecircuscritic@lemmy.calinkfedilinkEnglisharrow-up8·16 hours agoI skimmed most of the article, glad to see it’s been patched. It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS. So maybe not a huge risk exclusively for self hosted configurations?
minus-squarefrongt@lemmy.ziplinkfedilinkEnglisharrow-up6·16 hours agoMostly no, unless you expose your VM to the Internet or run untrusted code.
minus-squareTheBlackLounge@lemmy.ziplinkfedilinkEnglisharrow-up5arrow-down1·15 hours agoAnybody who does docker compose pull for any service?
minus-squarecircuscritic@lemmy.calinkfedilinkEnglisharrow-up10·14 hours agoIt’s a QEMU specific vulnerability.
I skimmed most of the article, glad to see it’s been patched.
It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS.
So maybe not a huge risk exclusively for self hosted configurations?
Mostly no, unless you expose your VM to the Internet or run untrusted code.
Anybody who does docker compose pull for any service?
It’s a QEMU specific vulnerability.