March 7, 2024 at 02:33AM
Hypervisor heavyweight VMware by Broadcom disclosed vulnerabilities in its hypervisors, rated 9.3/10 and 8.4, allowing a local actor to execute code outside the virtual machine. Another vulnerability, rated 7.1, affects VMware’s older vSphere 6.x. Workarounds include removing virtual USB controllers, impacting keyboard and mouse access. Researchers from 2023’s Tianfu Cup Pwn Contest discovered some flaws.
The meeting notes indicate that VMware, a heavyweight hypervisor provider, recently revealed several vulnerabilities in its hypervisors. The most critical vulnerabilities, CVE-2024-22252 and 22253, were rated 9.3/10 and 8.4 on different VMware hypervisor platforms, allowing a malicious actor with local administrative privileges on a virtual machine to execute code outside the guest.
VMware has labeled these flaws as an emergency change and has provided workarounds for the vulnerabilities, including removing virtual USB controllers from virtual machines. However, this solution may not be feasible at scale, as some operating systems require USB for keyboard and mouse access.
Another vulnerability, CVE-2024-22254, poses an out-of-bounds write vulnerability that could lead to an escape of the sandbox within the VMX process.
The discovery of these flaws is credited to researchers from the Tianfu Cup Pwn Contest in China, with VMware acknowledging their contribution.
Overall, the meeting notes highlight the seriousness of the vulnerabilities in VMware hypervisors and the potential impact on virtualization incidents if exploited.