How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box.

Both CVE-2019-14835 and CVE-2019-5049 are not particularly easy to exploit as they require specific types of hardware or events to occur. However, if successful, either could allow a miscreant to run malware on the host from a VM instance.

CVE-2019-14835 was discovered and reported by Peter Pi, a member of the Tencent Blade Team. It is found in the Linux kernel versions 2.6.34 up to version 5.3, where it is patched.

The flaw itself is found in Qemu-KVM, an open-source environment typically used to host virtual machines on Linux servers. Pi found that when the host server performs a migration to another machine, Qemu accesses a table in memory that the guest VM can write to.

If the attacker successfully manipulates that table, they can trigger a buffer overflow on the host server, allowing them to execute malicious code on the host machine outside the hypervisor.

"The bug happens in the live migrate flow. When migrating, Qemu needs to know the dirty pages, vhost/vhost_net uses a kernel buffer to record the dirty log, but it doesn't check the bounds of the log buffer," Blade Team said in its summary.

"So we can forge the desc table in guest, wait for migrate or doing something (like increase host machine workload or combine a memory leak bug, depends on vendor's migrate schedule policy) to trigger cloud vendor to migrate this guest."

As the summary notes, actually exposing the bug requires being able to trigger a migration, meaning the attack would either have to chain with another exploit or have some fairly detailed knowledge of the host server, making the real-world risk from the flaw slightly less.

Still, admins would be well advised to update the kernel on their Linux servers in order to get this and other bug fixes.

Meanwhile, with VMware and AMD...

Piotr Bania and Cisco Talos took credit for discovery of CVE-2019-5049. This is a memory corruption vulnerability exposed by ATIDXX64.DLL in versions 25.20.15031.5004 and 25.20.15031.9002 of AMD's graphics drivers. It can be exploited by Windows 10 virtual machines to break out of VMware Workstation. Thus, if you're hosting Windows 10 guests with these drivers present, you're at risk.

"A specially crafted pixel shader can cause an out-of-bounds memory write," Talos said of the bug.

"An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host."

Users and admins can patch the flaw by updating their AMD drivers to the latest stable version. ®