VirtualBox On Linux Affected By Security Vulnerability Leaking Host Data To Guests

Written by Michael Larabel in Virtualization on 18 May 2022 at 01:36 PM EDT. 26 Comments
Security researcher Jason Donenfeld, who is known for leading the development of the WireGuard open-source software, has outlined a new security vulnerability affecting the Oracle VM VirtualBox software.

When SIMD (FPU/XSAVE) registers are used within hardware interrupt handlers, VirtualBox can leak data from the host into guest VMs.

Donenfeld explained on the kernel mailing list:
I wrote a tiny reproducer that should be pretty reliable for testing this, attached below. I think this proves my working theory. Run this in a VirtualBox VM, and then move your mouse around or hit the keyboard, or do something that triggers the add_{input,disk}_randomness() path from a hardirq handler. On my laptop, for example, the trackpoint goes via hardirq, but the touchpad does not. As soon as I move the trackpoint around, the below program prints "XSAVE is borked!".

Also, note that this isn't just "corruption" of the guest VM, but also leaking secret contents of the host VM into the guest. So you might really want to make sure VirtualBox issues a fix for this before 5.18, as it's arguably security sensitive.

That came up in a patch series aimed at preventing FPU state corruption stemming from recent changes in the kernel's random code. Separately, earlier this month there was a kernel thread in which openSUSE's VirtualBox maintainer reported Linux 5.18 crashing in VirtualBox VMs.
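As an added illustration of the kind of guest-side self-check Donenfeld describes (this is not his attached reproducer, which the article does not include), the program below parks a known pattern in an SSE register, spins while hardware interrupts arrive, and reports whether the register survived. It assumes x86-64, SSE2 and a GCC- or Clang-compatible compiler; the pattern and loop counts are constructed values.

```c
/* Constructed example: detect SIMD register clobbering across interrupts.
 * Load a known pattern into xmm0, spin so that hardirqs (mouse, keyboard,
 * disk) are taken while the register is live, then read it back. A correct
 * host/hypervisor preserves it; a mismatch means guest FPU state is being
 * corrupted across interrupts, the symptom described in the article. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Returns 0 if xmm0 kept its contents, 1 if it was corrupted,
 * -1 on architectures where this check is not available. */
int simd_state_corrupted(uint64_t spins)
{
#if defined(__x86_64__)
    uint8_t pattern[16] __attribute__((aligned(16)));   /* movdqa needs 16B */
    uint8_t readback[16] __attribute__((aligned(16)));
    for (int i = 0; i < 16; i++)
        pattern[i] = (uint8_t)(0xA5 ^ (i * 0x11));      /* constructed value */
    if (spins == 0)
        spins = 1;                                      /* avoid dec wrap */

    /* Load, spin and store in one asm block so the compiler cannot touch
     * xmm0 in between; 'pause' keeps the busy loop cheap. */
    __asm__ volatile(
        "movdqa (%[src]), %%xmm0\n\t"
        "1:\n\t"
        "pause\n\t"
        "dec %[n]\n\t"
        "jnz 1b\n\t"
        "movdqa %%xmm0, (%[dst])\n\t"
        : [n] "+r"(spins)
        : [src] "r"(pattern), [dst] "r"(readback)
        : "xmm0", "memory", "cc");

    return memcmp(pattern, readback, sizeof pattern) == 0 ? 0 : 1;
#else
    (void)spins;
    return -1;
#endif
}

int main(void)
{
    /* Many short windows so that interrupts are likely to land in one. */
    for (int round = 0; round < 500; round++) {
        int r = simd_state_corrupted(100000);
        if (r < 0) { puts("check not available on this architecture"); return 0; }
        if (r == 1) { puts("SIMD state clobbered across an interrupt"); return 1; }
    }
    puts("SIMD state survived: no corruption observed");
    return 0;
}
```

Run it inside the guest while moving the mouse or typing, as Donenfeld suggests; on bare metal or a correct hypervisor it should never report corruption.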

VirtualBox has yet to fix the problem on its end, while Linux developer Thomas Gleixner added in the series:
That VirtualBox bug has to be fixed in any case as this problem exists forever and there have been drivers using FPU in hard interrupt context in the past sporadically, so it's sheer luck that this didn't explode before. AFAICT all of this has been moved to softirq context over the years, so the random code is probably the sole in-hard-interrupt user in mainline today.

In the interest of users we should probably bite the bullet and just disable hard interrupt FPU usage upstream and Cc stable. The stable kernel updates probably reach users faster.

While VirtualBox is affected, KVM is known not to be affected by this issue and remains the recommended choice for open-source Linux virtualization.