
I don't know all the details of Spectre and Meltdown, but the way I understand it is that they allow reading from memory, not writing to it. Also, I read that at least Spectre can get out of the virtual machine and therefore also affect the host OS. Finally, the Whonix website says (summarized and emphasis added):

Experimental spectre/meltdown defenses. Testers only! Possibly not worth it due to huge performance penalty and unclear security benefits. Despite: host microcode upgrade, host kernel upgrade, VM kernel upgrade, spectre-meltdown-checker on the host showing "not vulnerable", latest VirtualBox version, all spectre/meltdown related VirtualBox settings tuned for better security as documented below... VirtualBox is likely still vulnerable to spectre/meltdown. For reference see VirtualBox bug report / forum discussion. Users can only wait for VirtualBox developers to fix this.

So that said, what can be done to mitigate the impact of Spectre and Meltdown exploited from a guest OS and prevent them from affecting the host OS?

What I think is that if Spectre and Meltdown only allow malware to read data (memory), then I guess a VM without a network connection could avoid the problem. The infected guest OS can read data from the host OS, but it won't be able to send it anywhere. However, if I wanted my guest OS to be able to connect to the internet, then there's going to be trouble and I wouldn't know what to do.

reed
  • The practical problem is that a VM without internet connection has no internet connection which may make it useless for its purpose. – gnasher729 Feb 09 '22 at 21:57
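The Whonix excerpt above relies on spectre-meltdown-checker reporting "not vulnerable" on the host. The Linux kernel publishes the same verdict itself, one file per issue, under /sys/devices/system/cpu/vulnerabilities/ (Linux 4.15 and later), and reading those files is the quickest way to confirm that the host microcode and kernel upgrades the excerpt lists actually took effect. The script below is an added example, not code from the question, from Whonix or from spectre-meltdown-checker: it classifies each entry and counts those the kernel still reports as Vulnerable. The directory and file names are the kernel's real interface; the three sample strings it builds when the directory is absent are constructed for the demo.

```shell
#!/bin/sh
# Added example: summarise the kernel's own Spectre/Meltdown status from
# /sys/devices/system/cpu/vulnerabilities/ (Linux 4.15+). Each file holds a
# string starting with "Not affected", "Mitigation:" or "Vulnerable".
# Not part of the question, of Whonix, or of spectre-meltdown-checker.

VULN_DIR="${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# report_vulns DIR: print one line per entry as NAME<TAB>STATE<TAB>RAW_TEXT,
# where STATE is notaffected, mitigated, vulnerable or unknown.
# Returns 2 if DIR is missing (non-Linux host, or a kernel older than 4.15).
report_vulns() {
    dir="${1:-$VULN_DIR}"
    if [ ! -d "$dir" ]; then
        echo "no vulnerabilities directory at $dir" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        text=$(cat "$f" 2>/dev/null)
        case "$text" in
            "Not affected"*) state=notaffected ;;
            "Mitigation:"*)  state=mitigated ;;
            "Vulnerable"*)   state=vulnerable ;;
            *)               state=unknown ;;
        esac
        printf '%s\t%s\t%s\n' "$name" "$state" "$text"
    done
}

# count_vulnerable DIR: print how many entries the kernel still reports as
# Vulnerable (0 means every listed issue is either mitigated or not applicable).
count_vulnerable() {
    report_vulns "$1" | awk -F'\t' '$2 == "vulnerable" { n++ } END { print n + 0 }'
}

# make_sample_dir: build a constructed look-alike of the sysfs directory so the
# script can be tried on a machine without it. The three strings are made-up
# samples in the kernel's format, not output captured from any real host.
make_sample_dir() {
    d=$(mktemp -d)
    printf 'Not affected\n' > "$d/meltdown"
    printf 'Mitigation: Full generic retpoline, IBPB: conditional, STIBP: conditional\n' > "$d/spectre_v2"
    printf 'Vulnerable: Clear CPU buffers attempted, no microcode\n' > "$d/mds"
    printf '%s\n' "$d"
}

# Demo: prefer the live sysfs; fall back to the constructed sample otherwise.
if [ -d "$VULN_DIR" ]; then
    target="$VULN_DIR"
else
    target=$(make_sample_dir)
    echo "(live sysfs not found; using constructed sample in $target)"
fi
report_vulns "$target"
echo "entries still reported Vulnerable: $(count_vulnerable "$target")"
case "$target" in
    /sys/*) ;;            # never delete the real sysfs tree
    *) rm -rf "$target" ;; # clean up the constructed sample
esac
```

A count of 0 here confirms only what the host kernel believes about itself. As the Whonix excerpt points out, the hypervisor can still leave the guest-to-host boundary exposed even when every entry reads "Not affected" or "Mitigation:", so this check complements, rather than replaces, the VirtualBox-side settings and the bug-report status it mentions.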

1 Answer


Most threats assume the presence of an internet connection. It is usually quite challenging to exfiltrate data without the internet.

Spectre and Meltdown vulnerabilities allow attackers to see data that is normally restricted. This may include cryptography keys, authentication tokens, or other highly sensitive data.

If your compromised VM has network connectivity, an attacker could steal any of that information from the underlying OS.

This is particularly dangerous in an enterprise environment, where hypervisor credentials could be stolen and used to compromise all of the guest VMs.

DoubleD
  • Spectre has nothing to do with networking. – forest Oct 19 '18 at 03:59
  • Neither has direct network implications. My point is that theft of data can only happen (typically) when networking is present. If he has non-networked VirtualBox guests, then guest mitigations are relatively pointless. Note the distinction between "exploit" and "threat", which are related but different concerns. – DoubleD Oct 19 '18 at 16:34
  • There are plenty of situations where data can be exfiltrated without a network connection. For example, one process with filesystem access could mount a side-channel attack against a target process and record its "findings" in the filesystem for later retrieval. Or a malicious process may use a side-channel attack to break ASLR in order to perform an exploit, without needing network access to do so. – forest Oct 20 '18 at 03:02
  • I said it is "usually quite challenging" to exfiltrate data without the network, not that it is impossible. You are being deliberately pedantic, yet you still manage to ignore what I actually wrote. I am no longer engaging with you. Good day. – DoubleD Oct 22 '18 at 15:34
  • I wouldn't even agree that it's _usually_ quite challenging. But if you do not want to accept constructive criticism and suggestions, I cannot force them on you. Have a good day. – forest Oct 24 '18 at 02:42