A vulnerability in vhost-net that allows bypassing isolation in systems based on QEMU-KVM
Information has been disclosed about a vulnerability (CVE-2019-14835) that allows you to escape the guest system in KVM (qemu-kvm) and execute your code on the host side in the context of the Linux kernel. The vulnerability has been codenamed V-gHost. The problem allows the guest system to create conditions for a buffer overflow in the vhost-net kernel module (network backend for virtio), executed on the side of the host environment. The attack could be […]