VirtualBox E1000 Guest-to-Host Escape zero day

https://github.com/MorteNoir1/virtualbox_e1000_0day

VirtualBox 6.0 Beta 1 released

https://forums.virtualbox.org/viewtopic.php?f=1&t=89946

https://blogs.oracle.com/virtualization/oracle-vm-virtualbox-60-beta-1-released

Hmm, it looks like the ChangeLog is not up-to-date yet, unclear what firmware changes have occured:

https://www.virtualbox.org/wiki/Changelog

VBoxHardenedLoader

[…]What we will target:
– DMI Information;
– IDE/AHCI devices (harddisks, cd-rom’s);
– ACPI OEM Information;
– Ethernet Adapter MAC address;
– PXE Boot data;
– ACPI DSDT (Differentiated System Description Table);
– ACPI SSDT (Secondary System Descriptor Table);
– VGA Video BIOS data;
– BIOS data;
– VM splashscreen (optional, just for nice looking).
[…]

https://github.com/hfiref0x/VBoxHardenedLoader

http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478

It requires Visual Studio and only targets Microsoft Windows. No Linux, FreeBSD, Mac OS X support. 😦

Somewhat related, there are also these 2 projects:

https://firmwaresecurity.com/2016/02/07/uefi-virtualbox-tutorial/

https://firmwaresecurity.com/2015/12/24/virtualbox-hardened-loader/

UEFI VirtualBox tutorial

There’s another new Github project related to UEFI, this one is a turorial using UEFI undre VirtualBox. Most use of virtualized UEFI occurs under QEMU, but VirtualBox also supports UEFI’s OVMF (Open Virtual Machine Firmware) format, so it is nice to see more documentation on using UEFI with VirtualBox, not only QEMU.

Tutorial on making UEFI with CMake and VirtualBox

UEFI Bare Bone Exercise

by Emanuele Ruffaldi using CMake,mxe and VirtualBox/Qemu

Related instructiosn from OSDEV: http://wiki.osdev.org/UEFI_Bare_Bones Other related project (Make+QEmu): – https://github.com/tqh/efi-examplehttp://www.rodsbooks.com/efi-programming/hello.html

Requirements:
 *  GCC Cross Compiler x86_64-w64-mingw32. MXE is fine
 * MTools
 * GNU-efi

[…]

 

https://github.com/eruffaldi/uefiboot

VirtualBox hardened loader

http://www.kernelmode.info/forum/viewtopic.php?f=11&p=27460#p27460
https://github.com/hfiref0x/VBoxHardenedLoader
http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478

“VirtualBox Hardened VM detection mitigation loader: VBoxAntiVMDetectHardened is a complex of methods implemented to reduce VM detection possibilities of the common malware.”

Interesting, there are UEFI patches for this, as well!

VirtualBox 5.02 released

A few days ago Oracle released a new version of VirtualBox. It is a maintenance release, no huge new features I noticed, but lots of bugfixes, many related to hardware security issues, though no CVEs that I noticed.

https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_08

https://www.virtualbox.org/wiki/Changelog

 

VirtualBox 5.0 released

Oracle relased version 5.0 of VirtualBox yesterday. I don’t see any firmware features listed in the press, and I’ve not had a chance to do a code review of the new code yet. It has improved CPU and USB 3.0 support, at minimum.

QEMU is the main platform for running UEFI’s virtual firmware: OVMF. But Xen, KVM, and VirtualBox also support OVMF, to some degree. VirtualBox can also be recompiled with EFI-specific build directives to enable additional UEFI diagnostics.

https://www.oracle.com/corporate/pressrelease/oracle-vm-virtualbox-5-070915.html

https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_07

(In somewhat related news, back in March, Oracle’s Linux distro got Secure Boot support.)

https://blogs.oracle.com/wim/entry/secure_boot_support_with_oracle

 

CrowdStrike announces Venom vulnerability

As reported by Robert Hackett at Fortune, Crowdstrike has research on a new vulnerability that impacts virtualization. Venom stands for “virtualized environment neglected operations manipulation”. It impacts QEMU, Xen, KVM, and VirtualBox, among others.

(It must be a big deal, as it already has an icon. I think Heartbleed took longer for it’s icon.)

More information:
http://venom.crowdstrike.com/
http://fortune.com/2015/05/13/venom-vulnerability/