Blog Archives

10 new VM escape vulnerabilities discovered in VirtualBox

Oracle has released patches for ten vulnerabilities in VirtualBox which allow attackers to break out of guest operating systems and attack the host operating system that VirtualBox runs on. Exploits using this method, known as a “virtual machine escape,” have been the subject of intense interest among security researchers following the disclosure of the Venom vulnerability in 2015.

The vulnerabilities are collectively published as CVE-2018-2676, CVE-2018-2685, CVE-2018-2686, CVE-2018-2687, CVE-2018-2688, CVE-2018-2689, CVE-2018-2690, CVE-2018-2693, CVE-2018-2694, and CVE-2018-2698. While they all share the same resultant effect, the method involved—and subsequently the ease with which attackers can leverage the vulnerability—varies.

Please update your Malware Labs due to the possibility of VM Escape. I’ve updated all of my Cuckoo Malware Labs since this news was released.


Important Updates to NSX for vSphere KB Articles

Here is a list of currently trending KB articles for NSX for vSphere.

NSX Distributed Firewall unfiltered rules may be deleted during the firewall rule publish operation in VMware NSX for vSphere 6.x (2141155)

  • In Distributed Firewall Apply Filter mode in VMware NSX for vSphere 6.x, when filtered rules belonging to only one firewall section are modified and published by either Publish Section or Publish Changes, or when filtered rules belonging to multiple firewall sections are modified, you experience these symptoms:
  • The publish operation may publish only the filtered rules
  • All the unfiltered rules within that section may be removed

VMware NSX for vSphere 6.2.1 supportability with vRealize Log Insight Reporting (2143058)

  • NSX for vSphere Log Insight Content Pack (both 1.0 and 2.0) does not work with the NSX for vSphere 6.2 infrastructure release

The netcpa agent on an ESXi host fails to communicate with NSX controller(s) in VMware NSX for vSphere 6.x (2137011)

  • Routes from dynamic routing protocols may not be present in VMware NSX for vSphere 6.x Edge Services Gateway (ESG) or Distributed Logical Router (DLR) when the Control VM is running on the affected ESXi host
  • Virtual machines on the affected ESXi host fail to communicate with virtual machines running on other ESXi hosts
  • Running the esxcli network vswitch dvs vmware vxlan network list --vds-name=Name_VDS command on the ESXi host displays the VNIs as down

NSX User Interface (UI) is grayed out for several seconds and exhibits slow performance on NSX for vSphere 6.2.0 (2141919)

  • Selecting an item on the vSphere Web client for NSX appears to be slow. Specifically, the screen turns grey and pauses for roughly 10 seconds before a corresponding request from the Web client reaches NSX Manager and is captured in the NSX Manager logs (vsm.log)
  • After this initial slowness, performance works as expected
  • The NSX Manager logs display a roughly five-second lag to complete login and successful authentication between NSX Manager and Virtual Center

NSX is unavailable from the vSphere Web Client Plugin after backup of NSX Manager with quiesced snapshot (2142263)

  • NSX is unavailable from the vSphere Web Client plug-in.
  • The NSX plug-in User Interface (UI) is reachable but the pages do not display content
  • A restart of the NSX Manager is required to recover from this situation

The post Important Updates to NSX for vSphere KB Articles appeared first on Support Insider.

Source: VMware Blogs