VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests

Written by Michael Larabel in Virtualization on 18 May 2022 at 01:36 PM EDT. 26 Comments
VIRTUALIZATION
Security researcher Jason Donenfeld who is known for leading the development of the WireGuard open-source software has outlined a new security vulnerability affecting the Oracle VM VirtualBox software.

When SIMD registers are used within interrupt handlers, it's possible for VirtualBox to leak data from the host to guest VMs.

Donenfeld explained on the kernel mailing list:
I wrote a tiny reproducer that should be pretty reliable for testing this, attached below. I think this proves my working theory. Run this in a VirtualBox VM, and then move your mouse around or hit the keyboard, or do something that triggers the add_{input,disk}_randomness() path from a hardirq handler. On my laptop, for example, the trackpoint goes via hardirq, but the touchpad does not. As soon as I move the trackpoint around, the below program prints "XSAVE is borked!".

Also, note that this isn't just "corruption" of the guest VM, but also leaking secret contents of the host VM into the guest. So you might really want to make sure VirtualBox issues a fix for this before 5.18, as it's arguably security sensitive.

That came up in a patch series around preventing FPU state corruption stemming from recent changes in the random code. Separately earlier this month was this kernel thread about openSUSE's VirtualBox maintainer noticing Linux 5.18 crashing in VirtualBox VMs.

VirtualBox has yet to fix the problem on their end while Linux developer Thomas Gleixner added in the series:
That virtualborx bug has to be fixed in any case as this problem exists forever and there have been drivers using FPU in hard interrupt context in the past sporadically, so it's sheer luck that this didn't explode before. AFAICT all of this has been moved to softirq context over the years, so the random code is probably the sole in hard interrupt user in mainline today.

In the interest of users we should probably bite the bullet and just disable hard interrupt FPU usage upstream and Cc stable. The stable kernel updates probably reach users faster.

While VirtualBox is affected, KVM meanwhile is known not to be affected by this issue and the recommended choice for open-source Linux virtualization.
26 Comments
Related News
Linux Developers Consider Ending 32-bit KVM Host Virtualization Support`
QEMU 9.2 Released With VirtIO GPU Vulkan Support, AVX10 & Experimental Rust Support
Rust Hypervisor Firmware v0.5 Supports For More CPUs & Improves EFI Support
Linux 6.13 KVM Eliminates An "Awful Idea", Many x86_64 Improvements
Virtual CPUFreq Driver Coming With Linux 6.13 For Better Power/Performance Within VMs
IBM Power11 CPUs Launching In 2025 - Linux 6.13 Preps KVM Nested Guests For Power11
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features