What is VM escape?
Normally virtual machines are encapsulated, isolated environments. The operating systems running inside the virtual machine shouldn’t know that they are virtualized, and there should be no way to break out of the virtual machine and interact with the parent hypervisor. The process of breaking out and interacting with the hypervisor is called a “VM escape.” Since the hypervisor controls the execution of all of the virtual machines an attacker that can gain access to the hypervisor can then gain control over every other virtual machine running on the host. Because the hypervisor is between the physical hardware and the guest operating system an attacker will then be able to circumvent security controls in place on the virtual machine.