Virtual machine escape


In computer security, virtual machine escape is the process of a program breaking out of the virtual machine on which it is running and interacting with the host operating system. In theory, a virtual machine is a "completely isolated guest operating system installation within a normal host operating system", but this isn't always the case in practice.
For example, in 2008, a vulnerability in VMware discovered by Core Security Technologies made VM escape possible on VMware Workstation 6.0.2 and 5.5.4. A fully working exploit labeled Cloudburst was developed by Immunity Inc. for Immunity CANVAS. Cloudburst was presented at Black Hat USA 2009.

Previous known vulnerabilities

  • Xen pygrub: Command injection in grub.conf file.
  • Two separate directory traversal vulnerabilities in the shared folders feature of VMware
  • Xen Para Virtualized Frame Buffer backend buffer overflow.
  • Cloudburst: VM display function in VMware
  • QEMU-KVM: PIIX4 emulation does not check if a device is hotpluggable before unplugging
  • The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier
  • Oracle VirtualBox 3D acceleration multiple memory corruption
  • VENOM: buffer-overflow in QEMU's virtual floppy disk controller
  • QEMU-KVM: Heap overflow in pcnet_receive function.
  • Xen Hypervisor: Uncontrolled creation of large page mappings by PV guests
  • Xen Hypervisor: The PV pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases. The bits considered safe were too broad, and not actually safe.
  • Xen Hypervisor: Disallow L3 recursive pagetable for 32-bit PV guests
  • CVE-2017-5715, CVE-2017-5753, CVE-2017-5754: The Spectre and Meltdown hardware vulnerabilities, speculative-execution side-channel attacks at the CPU level, allow a rogue process to read memory it was never granted access to, including memory outside the virtual machine it runs in
  • Two Hyper-V Remote Code Execution Vulnerabilities
  • VMware ESXi, Workstation, Fusion: SVGA driver contains buffer overflow that may allow guests to execute code on hosts
  • VMware Workstation, Fusion: Heap buffer-overflow vulnerability in VMNAT device that may allow a guest to execute code on the host
  • VMware Workstation, Horizon View: Multiple out-of-bounds read issues via Cortado ThinPrint may allow a guest to execute code or perform a Denial of Service on the Windows host OS
  • Oracle VirtualBox: the VGA device's shared memory interface allows reads and writes of host memory
  • VMware ESXi, Workstation, Fusion: Uninitialized stack memory usage in the vmxnet3 virtual network adapter.
  • "Microarchitectural Data Sampling" (MDS) attacks: Similar to the Spectre and Meltdown attacks above, these CPU-level side-channel attacks leak data from internal CPU buffers and allow reading data across VMs and even data of the host system. Sub-types: Microarchitectural Store Buffer Data Sampling, Microarchitectural Fill Buffer Data Sampling (ZombieLoad), Microarchitectural Load Port Data Sampling, and Microarchitectural Data Sampling Uncacheable Memory
  • Windows Hyper-V Remote Code Execution Vulnerability
  • Xen Hypervisor and Citrix Hypervisor: Allows guest virtual machines to compromise the host system
  • Windows 10 and VMware Workstation on AMD Radeon graphics cards with the Adrenalin driver: an attacker in the guest system can use a pixel shader to trigger a memory error on the host, inject malicious code into the host and execute it
  • ZombieLoad, ZombieLoad v2, Vector Register Sampling, Microarchitectural Data Sampling, Transactional Asynchronous Abort, CacheOut, L1D Eviction Sampling: CPU-level side-channel attacks (several of them against the L1 data cache) allow virtual machines to read memory outside of their sandbox
  • CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE-2020-3971: VMware ESXi, Workstation Pro / Player, Fusion Pro, Cloud Foundation: Vulnerabilities in the SVGA device, graphics shader, USB driver, xHCI/EHCI, PVNVRAM, and vmxnet3 can allow virtual machine escape
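Several entries above (VENOM's floppy controller FIFO, the pcnet heap overflow, the SVGA and VMNAT buffer overflows) share one shape: an emulated device trusts a guest-controlled index or length when writing into a host-side buffer. The following is an added illustration of that shape and is not code from QEMU, VMware or any other product; the device structure, field names and the `fifo_write_*` handlers are a constructed model. It places host-private state directly after a small FIFO so that a single extra guest write visibly corrupts it, and shows the bounds check a hardened handler performs.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define FIFO_SIZE    16
#define GUEST_POISON 0x41   /* byte value the simulated guest pushes */

/* Constructed model of an emulated device's register block: a guest-writable
 * data FIFO followed by host-side state. Illustration only, not real VMM code. */
struct emu_dev {
    uint8_t  fifo[FIFO_SIZE];
    uint8_t  host_flag;   /* host-private state adjacent to the FIFO */
    uint8_t  pad[3];
    uint32_t fifo_pos;    /* write index advanced by guest port writes */
};

static void dev_reset(struct emu_dev *d)
{
    memset(d, 0, sizeof *d);
}

/* Vulnerable handler: trusts fifo_pos without comparing it to FIFO_SIZE,
 * the same defect class as the VENOM floppy controller bug. */
static void fifo_write_vuln(struct emu_dev *d, uint8_t val)
{
    /* Address the device block byte-wise so the overrun stays inside this
     * object for the demonstration; in a real VMM it would corrupt heap memory
     * that follows the device state. */
    uint8_t *base = (uint8_t *)d;
    base[offsetof(struct emu_dev, fifo) + d->fifo_pos] = val;
    d->fifo_pos++;
}

/* Hardened handler: reject writes once the FIFO is full. Real fixes usually
 * also reset fifo_pos when the emulated command completes or is aborted. */
static int fifo_write_safe(struct emu_dev *d, uint8_t val)
{
    if (d->fifo_pos >= FIFO_SIZE)
        return -1;            /* guest error; never touch adjacent state */
    d->fifo[d->fifo_pos++] = val;
    return 0;
}

/* Simulate a guest issuing `count` port writes, then report the host-private
 * flag. Anything other than 0 means guest data reached host state. */
static uint8_t guest_push(int hardened, unsigned count)
{
    struct emu_dev d;
    dev_reset(&d);
    for (unsigned i = 0; i < count; i++) {
        if (hardened)
            (void)fifo_write_safe(&d, GUEST_POISON);
        else
            fifo_write_vuln(&d, GUEST_POISON);
    }
    return d.host_flag;
}

int main(void)
{
    printf("vulnerable, %d writes: host_flag=0x%02x\n",
           FIFO_SIZE + 1, guest_push(0, FIFO_SIZE + 1));
    printf("hardened,   %d writes: host_flag=0x%02x\n",
           FIFO_SIZE + 1, guest_push(1, FIFO_SIZE + 1));
    return 0;
}
```

With sixteen writes both handlers behave identically; the seventeenth write is where they diverge, which is why fuzzing emulated devices with long guest-driven sequences rather than single register pokes finds this class of bug.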