All news with #kvm tag

VMScape: Spectre-BTI Variant Breaks VM Isolation in VMs

🔒 Researchers have demonstrated VMScape, a Spectre-like branch target injection attack that breaks guest-to-host isolation on AMD and Intel CPUs in virtualized environments. The proof-of-concept targeted KVM/QEMU in its default configuration and extracted host disk encryption keys from an AMD Zen 4 system. Tracked as CVE-2025-40300, mitigations include inserting an Indirect Branch Prediction Barrier (IBPB) on VMEXIT, which maintainers report causes only marginal performance impact. The vulnerability highlights that existing Spectre-BTI defenses and microcode updates are insufficient in some virtualized deployments, particularly on AMD Zen microarchitectures.