Submitted 4 days ago by KarnaSubarna@lemmy.ml to selfhosted@lemmy.world
https://www.bleepingcomputer.com/news/security/new-vmscape-attack-breaks-guest-host-isolation-on-amd-intel-cpus/
I skimmed most of the article, glad to see it’s been patched.
It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS.
So maybe not a huge risk exclusively for self hosted configurations?
Mostly no, unless you expose your VM to the Internet or run untrusted code.
Anybody who does docker compose pull for any service?
circuscritic@lemmy.ca 4 days ago
I skimmed most of the article, glad to see it’s been patched.
It looks like the attack vector requires access to a VM on the host machine i.e. public cloud/VPS.
So maybe not a huge risk exclusively for self hosted configurations?
frongt@lemmy.zip 4 days ago
Mostly no, unless you expose your VM to the Internet or run untrusted code.
TheBlackLounge@lemmy.zip 4 days ago
Anybody who does docker compose pull for any service?