All news with #spectre v2 tag

VMScape: Practical Spectre v2 Sandbox Escape in VMs

⚠️ Researchers at ETH Zurich published a paper demonstrating VMScape, a practical Spectre v2 (branch target injection) attack that escapes a guest VM to read host memory in virtualized environments. The team showed AMD Zen1–Zen5 CPUs and older Intel Coffee Lake servers can be abused to exfiltrate secrets from a default-configured VM. The issue was assigned CVE-2025-40300 and a Linux kernel patch is available; hardware protections such as SEV/SEV-SNP and TDX are recommended mitigations.