<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div><blockquote type="cite" class=""><div class=""><div dir="ltr" class=""><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">[,,,]<br class="">
<a href="https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/" rel="noreferrer" target="_blank" class="">https://semiaccurate.com/2017/<wbr class="">05/01/remote-security-exploit-<wbr class="">2008-intel-platforms/</a><br class=""></blockquote><div class="">Any details of what level of local access is needed for a local exploit? In particular, is this exploitable from inside a VM? That would be really bad news for AWS, Google Cloud, or Azure. </div></div></div></div></div></blockquote>Published details remain vague.</div><div><br class="">One could also ask what level of *network* access is required.  If simply the ability to send a packet to the machine is enough, perhaps you could break into one VM's host from a different VM - since VM's you own can send each other packets.</div><div><div>                                                        -- Jerry</div><div class=""><br class=""></div></div><br class=""></body></html>