Mitigation of Spectre and Meltdown affecting host OS from guest OS (Virtualbox)

I don’t know all the details of Spectre and Meltdown, but the way I understand it is that they allow reading from memory, not writing to it. Also, I read that at least Spectre can get out of the virtual machine and therefore also affect the host OS. Finally, the Whonix website says (summarized and emphasis added):

Experimental spectre/meltdown defenses. Testers only! Possibly not worth it due to huge performance penalty and unclear security benefits. Despite: host microcode upgrade, host kernel upgrade, VM kernel upgrade, spectre-meltdown-checker on the host showing “not vulnerable”, latest VirtualBox version, all spectre/meltdown related VirtualBox settings tuned for better security as documented below… VirtualBox is likely still vulnerable to spectre/meltdown. For reference see VirtualBox bug report / forum discussion. Users can only wait for VirtualBox developers to fix this.

So that said, what can be done to mitigate the impact of Spectre and Meltdown exploited from a guest OS and avoid them to affect the host OS?

What I think is that if Spectre and Meltdown only allow malware to read data (memory), then I guess a VM without a network connection could avoid the problem. The infected guest OS can read data from the host OS, but it won’t be able to send it anywhere. However, if I wanted my guest OS to be able to connect to the internet, then there’s going to be trouble and I wouldn’t know what to do.