Explore a groundbreaking approach to QEMU virtual machine escape through USB device exploitation in this 24-minute conference talk from the Hack In The Box Security Conference. Delve into the challenges of cloud platform security, focusing on OpenStack's use of Qemu-KVM for virtualization. Learn about the concept of black box escape and its significance in public cloud environments. Analyze CVE-2020-14364 in-depth and discover innovative techniques for achieving a virtual machine escape without relying on key information such as QEMU version or binary files. Gain insights from security researchers specializing in virtualization security and software security analysis as they present their findings on this critical aspect of cloud infrastructure security.
Overview
Syllabus
#HITB2021AMS D2T2 - A QEMU Black Box Escape Via USB Device - Lingni Kong, Yanyu Zhang & Haipeng Qu
Taught by
Hack In The Box Security Conference
Related Courses
-
Escape From The Docker KVM QEMU Machine
-
Timekiller: Escape From QEMU/KVM - Exploiting Asynchronous Clock Vulnerabilities
-
Advanced Exploitation - Xen Hypervisor VM Escape
-
Advanced DMA Reentrancy Techniques to Escape QEMU
-
Hack Out of the Box - Discovering 10+ Vulnerabilities in VirtualBox
-
Hunting and Exploiting Recursive MMIO Flaws in QEMU KVM
