Crashing QEMU VGA Drivers - The Story of my First CVE

from blog David Buchanan's Blog, | ↗ original
By David Buchanan, 7th January 2018 Disclaimer: No exciting VM escapes, only DoS. This post is part of a series of posts discussing QEMU bugs. In this post, I describe the results of (accidental) manual bug testing. The second post will describe my primitive fuzzing setup which found a second bug. I actually found the first bug completely by chance when I wasn't even looking for it. It all started when I was playing This is a short summary. ↗ Open original to view full content

Related

GPU Passthrough in Debian
Mumbling about computers | original ↗
Compiler Tricks to Avoid ABI-Induced Crashes
Random ASCII – tech blog of Bruce Dawson | original ↗
Writing userspace USB drivers for abandoned devices
benjojo blog | original ↗
Looking for more debugger
Scattered Thoughts | original ↗
FVWM: Daily Driver Config
datagubbe | original ↗
Unit Testing
Writing an OS in Rust | original ↗
VGA Text Mode
Writing an OS in Rust | original ↗
Printing to Screen
Writing an OS in Rust | original ↗
Entering Long Mode
Writing an OS in Rust | original ↗
Make your QEMU 10 times faster with this one weird trick
Linus's blog | original ↗

More from David Buchanan's Blog

Can You Get Root With Only a Cigarette Lighter?
7 Oct 2024 | original ↗

By David Buchanan, 7th October 2024 Spoiler alert: Yes. the elite hacking tool they don't want you to know you already own Before you can write an exploit, you need a bug. When there are no bugs, we have to get creative—that's where Fault Injection comes in. Fault injection can take many forms, including software-controlled data...

Jailbreaking RabbitOS: Uncovering Secret Logs, and GPL Violations
16 Jul 2024 | original ↗

By David Buchanan, 16th July 2024 I assume by now that most people have heard of the Rabbit R1. Critics unanimously agree

SIMD in Pure Python
4 Jan 2024 | original ↗

By David Buchanan, 4th January 2024 First of all, this article is an exercise in recreational "because I can" programming. If you just want to make your Python code go fast, this is perhaps not the article for you. And perhaps Python is not the language you want, either! By the end, I'll explain how I implemented Game of Life in pure Python (plus pysdl2...

Text Editors Should Be Worse
2 Jan 2024 | original ↗

By David Buchanan, 2nd January 2024 This is a rant. You have been warned! I'd like text editors to be worse. Specifically, I'd like their default behaviour to be as close as possible to the median text input box you'd find in any piece of software, like the humble HTML <textarea>. More realistically, I'd like a configuration preset that lets me opt in to the same, without having to hunt for a thousand...

2024 Will Be the Year of the Blog
31 Dec 2023 | original ↗

By David Buchanan, 31th December 2023 ...or at least, it will be for mine! Social media platforms come and go, but the one constant for me has been my blog. Same domain. Same URLs. Almost the same web design. It's been here since I started writing in 2018, and for that year I updated it regularly with CTF write-ups. Between 2019 and 2022 however, I neglected it, with only 2 posts for the whole duration. The "death" of my blog was...