CVE-2019-14378: QEMU Virtual Machine Escape Vulnerability Alert

Recently, a researcher announced a heap buffer overflow vulnerability (CVE-2019-14378) that exists in the QEMU simulator SLiRP network implementation. An attacker could exploit the vulnerability to compromise the QEMU process on the host, resulting in a denial of service or the possibility to execute arbitrary code using the privileges of the QEMU process.

Successful exploitation of this vulnerability requires bypassing ASLR and PIE, and it is more difficult to exploit than VENOM attacks, but according to the verification video provided by the researcher, executing a shell script inside QEMU can open the Calculator process on the host. There are currently PoC for this vulnerability, and the vulnerability has been fixed in the new version.

At present, qemu official has released the latest version (v4.1.0, 1.0-rc5, v4.1.0-rc4) to fix this vulnerability, it is recommended to download the upgrade as soon as possible. SUSE, Debian, RedHat, etc. also provide the update to fix this vulnerability.