For the record: Oracle does not consider that the 3D feature should be enabled when the VM is untrusted. It's still classified as experimental and will likely be so for another decade at least.
I've seen something like this in ChromeOS too, since both devices will use similar methodologies and technologies in their respective VMs. The attackers would glitch the VGA framebuffer, and the only way you could tell was that your screen would show random garbage briefly. As the attack escalated, the glitches got worse until either the computer crashed or they accomplished their exfiltration. I think ChromeOS patched it a while ago, so I don't see it anymore. Attack vector was something like Chrome Browser -> (?) -> Framebuffer -> [Cross VMs to host].
Would this work with a headless VM only accessed via SSH? I naively perhaps assume it would be safe, as it's not using a virtual VGA device, but perhaps the machine still has the VGA device present in the virtual environment, just not being used by the user but still vulnerable? Also, is this specific to any particular host operating system or all versions of VirtualBox?
The linked repo wasn't updated in 8 months, up-to-date code is here: https://www.virtualbox.org/browser/vbox/trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d-shared.cpp#L332 I think this was the fix: https://www.virtualbox.org/changeset/108903/vbox/trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d-shared.cpp
This would not have been possible with seL4 virtualization. There, VM exceptions are turned into messages for the VMM, which is unprivileged, and has capabilities that do not exceed those of the VM itself.
There is no reason to use VirtualBox on Windows nowadays, Hyper-V and VMware are free for personal use and are much, much better than VirtualBox. https://blogs.vmware.com/workstation/2024/05/vmware-workstation-pro-now-available-free-for-personal-use.html