A new attack named VMScape allows malicious virtual machines to leak cryptographic keys from unmodified QEMU hypervisors on modern AMD and Intel CPUs, breaking the isolation between VMs and the cloud hypervisor. The researchers from ETH Zurich demonstrated that this attack could target cloud providers without needing to compromise the host, posing a significant risk to multi-tenant cloud security, although it requires advanced technical skills to execute. AMD and Intel have been notified, and mitigations have been released to address the vulnerability.

Ubuntu will disable security mitigations against Spectre attacks for Intel GPUs, resulting in a potential 20% boost in graphics performance. The decision, reached after consultations with Intel, comes as Ubuntu integrates its own mitigations into the Kernel, deeming the current protections unnecessary at the Compute Runtime level.