Launching my blog with a walkthrough of virtme-ng: boot your kernel in QEMU, try cross-arch builds, run kselftests, and offload compilation to a remote machine. I'll be using virtme-ng on future posts.
kvm_arch_init_vcpu failed (0) Operation not supported #kvmvirtualization #qemu
Big news. A Qemu escape. Are you ready? Panic!!1!
Wait, CXL? Reddit as a source? AI off, brain on moment incoming...
CXL, that's for FPGAs. The escape isn't for x86 or ARM. It's not even for virtio.
Typical Proxmox CE deployments use AppArmor Sandboxing. Guest-to-host escapes are possible, but not this way.
It's not that Qemu is a fortress of years of great security auditing. That's not my point. My point is that the AI hype for vuln hunting is a fata morgana. Unless you work hard, you get nothing with or without AI.
You are welcome.
QEMUtiny - QEMU escape vulnerability if cxl is used
QEMUtiny is a memory corruption vulnerability found in QEMU's CXL Type-3 device emulation; by exploiting two bugs in the CXL mailbox (an out-of-bounds read and an out-of-bounds write), it allows escaping from the guest to the host. The vulnerability affects QEMU v7.1.0 through v11.0.0, and a PoC discovered and published by the V12 security team exists. Through this vulnerability an attacker can explore QEMU's memory layout and achieve arbitrary code execution. CXL support is currently limited to non-virtualization use, but since the security risk is significant, caution is needed.
#qemu and hope to run those old #32bit Apple apps on Mojave...
thanks to https://github.com/kholia/osx-kvm
Missing peripheral in QEMU? Adding it yourself is easier than you think.
We hit a wall analyzing CVE-2019-14192 on real Raspberry Pi 3B+ firmware, so we added the missing driver to #QEMU. Register by register, using U-Boot's own source as the spec.