Explore a critical security vulnerability in hypervisors through this 35-minute Black Hat conference talk. Delve into how incorrect implementation of error handling code and insufficient error propagation can lead to severe security issues, including privilege escalation. Learn about a full guest-to-host escape exploitation technique that leverages misused error handling in Qemu/KVM. Gain insights from security researchers Xingwei Lin, Gaoning Pan, Jiashui Wang, Chunming Wu, and Xinlei Ying as they demonstrate the potential risks associated with error handling code in virtualization environments.
Overview
Syllabus
Scavenger: Misuse Error Handling Leading to Qemu/KVM Escape
Taught by
Black Hat