Explore a critical security vulnerability in hypervisors through this 35-minute Black Hat conference talk. Delve into how incorrect implementation of error handling code and insufficient error propagation can lead to severe security issues, including privilege escalation. Learn about a full guest-to-host escape exploitation technique that leverages misused error handling in Qemu/KVM. Gain insights from security researchers Xingwei Lin, Gaoning Pan, Jiashui Wang, Chunming Wu, and Xinlei Ying as they demonstrate the potential risks associated with error handling code in virtualization environments.
Scavenger - Misuse Error Handling Leading to Qemu - KVM Escape
Overview
Syllabus
Scavenger: Misuse Error Handling Leading to Qemu/KVM Escape
Taught by
Black Hat
Related Courses
-
Timekiller: Escape From QEMU/KVM - Exploiting Asynchronous Clock Vulnerabilities
-
Escape From The Docker KVM QEMU Machine
-
Hunting and Exploiting Recursive MMIO Flaws in QEMU KVM
-
Attacking Hypervisors Using Firmware and Hardware
-
Cautious - A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe
-
How to Make Error Handling Less Error-Prone
