|
|
|
|
|
|
by jo909
3087 days ago
|
|
|
No, that would be bad design any day of the year. You would limit the attack surface of the hypervisor as much as possible, which means near to zero network access from the internet or customer networks. But that is just not enough. As their advisory states this might allow reading memory of other guests, and who knows what that guest is doing and what next attack that might lead to. Anything you can imagine, really. The attacker might find keys that allow access to systems not even running on that platform. Maybe user passwords. Maybe private mails or documents. Any data the other guest ever processes is at risk. It's not a guaranteed win and very limited possibilities to automate. But the potential harm could be unbelievable. |
|
|