Vulnerability CVE–2016–5195 deals with privilege escalation in Linux systems.
In a virtual environment with hypervisor KVM and QEMU, can a virtual machine get access to it's host? If not, what is the protective layer here?
Asked
Active
Viewed 676 times
3
-
Ideally not. That's the whole purpose for a *Virtual Environment*. Not saying there is never going to be an exploit available to break out of the guest but "Dirty COW" isn't one of them. – HashHazard Oct 25 '16 at 15:23
1 Answers
5
You are looking at two different vulnerabilities.
Dirty Cow is a privilege escalation in the operating system. So, if your VM is vulnerable, that means it's possible to get root privileges in the VM's operating system, not in the host system.
In order to be possible to access the host, you need a vulnerability in KVM or QEMU that allows you to escape from the VM sandbox.
The Illusive Man
- 10,487
- 16
- 56
- 88
-
So vulnerability CVE–2016–5195 does not allow a root user in a virtual machine to access the host machines other virtual machines? There is a sandboxing layer here? Can you please explain more if you can how this works and why CVE–2016–5195 does not apply here? – Niklas Hagman Oct 26 '16 at 07:53
-
@NiklasHagman I already explained it. You are talking about two different kind of vulnerabilities. One is privilege escalation (dirty cow), other is VM escape. – The Illusive Man Oct 26 '16 at 08:12