[Qemu-devel] [Bug 1810956] Re: qemu-2.12.1 crashes when running malicious bootloader.
From: Peter Maydell
Subject: [Qemu-devel] [Bug 1810956] Re: qemu-2.12.1 crashes when running malicious bootloader.
Date: Tue, 08 Jan 2019 15:49:26 -0000
This is a bug, obviously, but note that we do not guarantee TCG binary
translation to be a security boundary against malicious code. Don't run
guest code you don't trust inside TCG without further sandboxing around
QEMU. (Much of the code that runs in a TCG configuration is old and
unaudited, so there may be lurking bugs. Configurations using KVM are
the only ones where we treat guest escapes as security bugs.)
--
You received this bug notification because you are a member of
qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1810956
Title:
  qemu-2.12.1 crashes when running malicious bootloader.
Status in QEMU:
  New
Bug description:
  Running a specific bootloader on QEMU causes a fatal error and
  hence SIGABRT in /qemu-2.12.1/tcg/tcg.c on line 2684.
  Bootloader binary code is included in attachments.
  The code was generated by assembling a valid bootloader, then
  appending random bytes from the file `/dev/urandom` to the binary file.