cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Masahiro
Newcomer III

Questions about guest escape, host escape and VM escape

I am not confident enough in my understanding about differences between guest escape, host escape and VM escape. The followings are my understanding. Are they correct?

 

  • Guest escape is an attack that an account of a guest OS on the host OS manipulates another guest OS on it.
  • Host escape is an attack that an account of a guest OS on the host OS manipulates the host OS and is also called "VM escape".
Haneda, Masahiro
Certification: CISSP, CCSP, CCSK, PMP, ITIL Foundation V3
Location: Japan
My LinkedIn Profile
1 Reply
bkwalker
Newcomer III

I'm not sure that the terms are terribly well defined or useful. VM Escape is a well used term and IMO is the same things as Guest Escape. Host Escape could use some definition as well, perhaps that's referring to unintended/malicious manipulation of a guest OS from the host? However the host OS is presumed to have full control over the guest OS anyway, so I'm not sure that 'escape' is the right term.

This might help along with the CVE's referenced: https://en.wikipedia.org/wiki/Virtual_machine_escape