SoCalRox Posted January 19, 2018 Share Posted January 19, 2018 I'm curious, and thought perhaps some peeps here may know the answer to a curiosity I have. The big "bug" in all these Intel (and AMD, ARM, et al.) chips- does it appear in VMs? In other words, is VMWare/Parallels/Virtual Box/etc. replicating that bug in order to be compatible, intentionally or not? And... if their virtual processors do not have that same design flaw, what effect does the fix have on a VM? I use a lot of VMs, with different OSes, and am curious... Link to comment Share on other sites More sharing options...
xendrome Posted January 19, 2018 Share Posted January 19, 2018 The instruction set would be the same across physical or VM, so I would assume the VM host providing software is not going to step in and apply their own fix at the hyper-visor level. That could cause compatibility issues now/later. So you are going to want to BIOS update he physical system, and patch any host and VM OS's to cover all aspects. Link to comment Share on other sites More sharing options...
+Biscuits Brown MVC Posted January 19, 2018 MVC Share Posted January 19, 2018 I actually thought virtualized systems were more at risk since the possibility exists that data from one VM instance (or even the host) can be read from another VM instance because the data in the speculative cache isn't segmented. Now granted, the data in that cache is random (from a single process point of view) and the attacker would need to realistically already have compromised the system with rouge code in order to potentially read something of value, but the risk is there - especially in larger virtual environments. Link to comment Share on other sites More sharing options...
Mockingbird Posted January 19, 2018 Share Posted January 19, 2018 (edited) The risk you are talking about specifically concerns Meltdown which affects Intel processors and some ARM design. It does not affect AMD processors nor most ARM processors. The vulnerability involves exploiting Meltdown on a virtual machine in order to access memory from the host machine. Link to comment Share on other sites More sharing options...
SoCalRox Posted January 19, 2018 Author Share Posted January 19, 2018 Interesting! I thought that may be the situation, but was way too shallow in these areas to know for sure. Thanks! Link to comment Share on other sites More sharing options...
goretsky Supervisor Posted January 22, 2018 Supervisor Share Posted January 22, 2018 Hello, Virtual machine software such as VMware Workstation or Oracle Virtual Box do not emulate the processor of the host computer, they virtualize access to it. As such, if the host system is vulnerable to Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754) vulnerabilities, the guest operating systems are as well. Regards, Aryeh Goretsky Mando and DConnell 2 Share Link to comment Share on other sites More sharing options...
Mando Posted January 22, 2018 Share Posted January 22, 2018 On 1/19/2018 at 2:24 PM, Zag L. said: I actually thought virtualized systems were more at risk since the possibility exists that data from one VM instance (or even the host) can be read from another VM instance because the data in the speculative cache isn't segmented. Now granted, the data in that cache is random (from a single process point of view) and the attacker would need to realistically already have compromised the system with rouge code in order to potentially read something of value, but the risk is there - especially in larger virtual environments. cant confirm 100% on other VSs, but esxi is not affected by spectre/meltdown, when used in conjunction with the Bios upd. the CPU?s are virtualised, not emulated on esxi. on my X Series hosts @work, post patching, im seeing zero slowdown, but my HA Cluster setup (3 hosts) runs cpu utilisation under 10% for 99% of the time I just ramped up each VMs CPU allocation, any slowdown mitigated goretsky 1 Share Link to comment Share on other sites More sharing options...
Recommended Posts