VirtualBox

Ticket #18477 (closed defect: fixed)

Opened 15 months ago

Last modified 3 months ago

Virtual Machine Vulnerable while Host not Vulnerable

Reported by: LeeTS Owned by:
Component: other Version: VirtualBox 6.0.4
Keywords: Speculative Store Bypass Cc:
Guest type: Linux Host type: Linux

Description

Hi,

Using Host VirtualBox 6.0.4 on CentOS 7.6.

Guest also CentOS 7.6

On the Host

$ grep . /sys/devices/system/cpu/vulnerabilities/*

gives

/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp

but inside the Virtual Machine Guest

$ grep . /sys/devices/system/cpu/vulnerabilities/*

gives

/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable

Kindly check.

Change History

comment:1 Changed 15 months ago by LeeTS

Using Host VirtualBox 6.0.4 on Fedora 29.

Guest RHEL 8 Beta.

inside guest

$ grep . /sys/devices/system/cpu/vulnerabilities/*

gives

/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable

Kindly check.

comment:2 Changed 3 months ago by aeichner

  • Status changed from new to closed
  • Resolution set to fixed

Passing through CPU Spectre mitigations should be supported in recent VirtualBox releases, closing.

Note: See TracTickets for help on using tickets.

www.oracle.com
ContactPrivacy policyTerms of Use