by zobzu
4048 days ago
That's an incorrect understanding on many levels, unfortunately. About VMs: a lot of them use direct host-communication mechanisms such as paio, virtio, etc. These are close to running on the host.
Then, KVM and Xen both have bugs, and these can be exploited to reach the host OS as root. It's just that they have a much smaller attack surface. About namespacing (if we're into nitpicking, let's use the actual tech name, shall we?): most namespaces are used to create so-called containers which run entire OS images (LXC, systemd-nspawn, Docker, etc. all are used for that by default) in combination with chroot() and other technologies, even though you can just call namespacing functions within a process or with a limited number of programs in a chroot. It does not matter that the kernel is shared: if you bring in your entire userland, from a user perspective containers == VM. Sure, from a tech point of view it's different, but that's EXACTLY my point: most users use both the same way.