Overview
Explore a groundbreaking approach to QEMU virtual machine escape through USB device exploitation in this 24-minute conference talk from the Hack In The Box Security Conference. Delve into the challenges of cloud platform security, focusing on OpenStack's use of Qemu-KVM for virtualization. Learn about the concept of black box escape and its significance in public cloud environments. Analyze CVE-2020-14364 in-depth and discover innovative techniques for achieving a virtual machine escape without relying on key information such as QEMU version or binary files. Gain insights from security researchers specializing in virtualization security and software security analysis as they present their findings on this critical aspect of cloud infrastructure security.
Syllabus
#HITB2021AMS D2T2 - A QEMU Black Box Escape Via USB Device - Lingni Kong, Yanyu Zhang & Haipeng Qu
Taught by
Hack In The Box Security Conference