@a13xp0p0v
I've found a 4-year-old bug in QEMU, allowing to crash it from the guest system.
QEMU security team thinks that it's not a vulnerability, so I've sent the PoC and fixing patch to the public ML:
lists.nongnu.org/archive/html/q…

Magnus K. Stubman
@magnusstubman
6. srp
Hi Alexander, thanks for sharing your research! I think it’s a nice and interesting bug. May I ask how you found it? Source code review, fuzzing, runtime testing?

Alexander Popov
@a13xp0p0v
6. srp
I was running a #syzkaller instance for some time. Bad luck - it didn't find anything and sometimes was losing connection to VMs.
The alert from Fedora DE about QEMU was a clue.
Then I used @mozilla rr for debugging QEMU and rr hanged :) I'll fix it. Actually it's a good luck.

Paul Vixie
@paulvixie
6. srp
with all of the side channel attacks and hypervisor vulns in recent years, i've concluded that a computer really is single-user, and if you believe otherwise (and thus, share it) you will face unpleasant truths later on.