Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 670572

Summary: e1k driver can be used to escape from guest and execute code in host's ring3. 0-day
Product: Gentoo Security Reporter: n05ph3r42 <official.contacts>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED OBSOLETE    
Severity: critical    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description n05ph3r42 2018-11-07 10:29:57 UTC 
Explanation & PoC (ru): https://habr.com/post/429004/
video: https://player.vimeo.com/video/299325088?byline=0&badge=0

vulnerable
<= VirtualBox 5.2.20 using e1000 NAT
also all systems using e1k with NAT should be vulnerable too (KVM etc)