I've found a 4-year-old bug in QEMU, allowing it to be crashed from the guest system. The QEMU security team thinks that it's not a vulnerability, so I've sent the PoC and fixing patch to the public ML: https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html …
Hi Alexander, thanks for sharing your research! I think it’s a nice and interesting bug. May I ask how you found it? Source code review, fuzzing, runtime testing?
I was running a #syzkaller instance for some time. Bad luck: it didn't find anything and sometimes was losing connection to VMs. The alert from Fedora DE about QEMU was a clue. Then I used @mozilla rr for debugging QEMU and rr hung :) I'll fix it. Actually it's good luck.
Thanks for sharing :-)