The hot topic Intel bug & VMs


SoCalRox    190

I'm curious, and thought perhaps some peeps here may know the answer to a curiosity I have.

The big "bug" in all these Intel (and AMD, ARM, et al.) chips- does it appear in VMs? In other words, is VMWare/Parallels/Virtual Box/etc. replicating that bug in order to be compatible, intentionally or not? And... if their virtual processors do not have that same design flaw, what effect does the fix have on a VM? I use a lot of VMs, with different OSes, and am curious...

xendrome    4,749

The instruction set would be the same across physical or VM, so I would assume the VM host providing software is not going to step in and apply their own fix at the hypervisor level. That could cause compatibility issues now/later. So you are going to want to BIOS update the physical system, and patch any host and VM OSes to cover all aspects.

+Zag L.    371

I actually thought virtualized systems were more at risk since the possibility exists that data from one VM instance (or even the host) can be read from another VM instance because the data in the speculative cache isn't segmented. Now granted, the data in that cache is random (from a single process point of view) and the attacker would need to realistically already have compromised the system with rogue code in order to potentially read something of value, but the risk is there - especially in larger virtual environments.

Mockingbird    2,186

The risk you are talking about specifically concerns Meltdown, which affects Intel processors and some ARM designs.

It does not affect AMD processors nor most ARM processors.

The vulnerability involves exploiting Meltdown on a virtual machine in order to access memory from the host machine.

SoCalRox    190

Interesting! I thought that may be the situation, but was way too shallow in these areas to know for sure. 

Thanks!

+goretsky    819

Hello,

Virtual machine software such as VMware Workstation or Oracle VirtualBox does not emulate the processor of the host computer; it virtualizes access to it.

As such, if the host system is vulnerable to the Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754) vulnerabilities, the guest operating systems are as well.

Regards,

Aryeh Goretsky

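Since the guest inherits the host's exposure and both need patching, an added example (not code from anyone in this thread) of checking what a Linux guest's kernel reports for the three CVEs named above: Linux 4.15 and later expose this under /sys/devices/system/cpu/vulnerabilities (a real path), and the sample directory the script runs against is constructed so it works offline.

```shell
#!/bin/sh
# Reads the kernel's sysfs mitigation status for Meltdown and Spectre v1/v2.
# The directory is a parameter so a constructed sample can stand in for sysfs.
VULN_NAMES="meltdown spectre_v1 spectre_v2"

# cve_for NAME -> CVE id the thread associates with that sysfs entry
cve_for() {
    case "$1" in
        meltdown)   echo "CVE-2017-5754" ;;
        spectre_v1) echo "CVE-2017-5753" ;;
        spectre_v2) echo "CVE-2017-5715" ;;
        *)          echo "unknown" ;;
    esac
}

# check_vulns [DIR]: prints one line per entry; returns 0 only when every
# entry is present and none reads "Vulnerable" (a missing file counts as
# unknown, e.g. a guest kernel too old to report anything, and also fails).
check_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for name in $VULN_NAMES; do
        f="$dir/$name"
        if [ -r "$f" ]; then
            status=$(cat "$f")
        else
            status="unknown (no sysfs entry)"
            rc=1
        fi
        case "$status" in
            Vulnerable*) rc=1 ;;
        esac
        printf '%-10s %-14s %s\n' "$name" "$(cve_for "$name")" "$status"
    done
    return $rc
}

# Constructed sample: a guest with page-table isolation on but Spectre v2
# still unmitigated (the situation before the host's BIOS/microcode update).
make_sample() {
    d=$(mktemp -d)
    echo "Mitigation: PTI" > "$d/meltdown"
    echo "Mitigation: __user pointer sanitization" > "$d/spectre_v1"
    echo "Vulnerable" > "$d/spectre_v2"
    echo "$d"
}

# Demonstration on the sample; for a real guest call check_vulns with no argument.
sample_dir=$(make_sample)
check_vulns "$sample_dir" || echo "=> at least one entry unmitigated or unknown"
```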
+Mando    4,744
On 1/19/2018 at 2:24 PM, Zag L. said:

I actually thought virtualized systems were more at risk since the possibility exists that data from one VM instance (or even the host) can be read from another VM instance because the data in the speculative cache isn't segmented. Now granted, the data in that cache is random (from a single process point of view) and the attacker would need to realistically already have compromised the system with rogue code in order to potentially read something of value, but the risk is there - especially in larger virtual environments.

Can't confirm 100% on other VSs, but ESXi is not affected by Spectre/Meltdown when used in conjunction with the BIOS update. The CPUs are virtualised, not emulated, on ESXi.

On my X Series hosts at work, post patching, I'm seeing zero slowdown, but my HA cluster setup (3 hosts) runs CPU utilisation under 10% for 99% of the time :p I just ramped up each VM's CPU allocation; any slowdown mitigated :p

