Recherche : [qemu]

MergeBoard - Execute Docker Containers as QEMU MicroVMs

qemu · docker

August 24, 2023 06:41:29 PM GMT+02:00 * · permalien

·

https://mergeboard.com/blog/2-qemu-microvm-docker/

Introduction | QEMU internals

A series of posts about QEMU internals:

qemu · poche

August 29, 2022 10:43:51 AM GMT+02:00 * · permalien

·

https://airbus-seclab.github.io/qemu_blog/

GitHub - wimpysworld/quickemu: Quickly create and run optimised Windows, macOS and Linux desktop virtual machines.

À voir, pour les optimisations

Quickly create and run optimised Windows, macOS and Linux desktop virtual machines. - GitHub - wimpysworld/quickemu: Quickly create and run optimised Windows, macOS and Linux desktop virtual machines.

qemu · poche

October 8, 2021 11:33:20 AM GMT+02:00 * · permalien

·

https://github.com/wimpysworld/quickemu

1122 - QEMU: user-to-root privesc inside VM via bad translation caching - project-zero - Monorail

qemu · exploit

March 21, 2017 12:48:11 PM GMT+01:00 * · permalien

·

https://bugs.chromium.org/p/project-zero/issues/detail?id=1122

QEMU may be fro-Xen out after two new bugs emerge • The Register

qemu · xen · kvm

August 9, 2015 08:44:41 PM GMT+02:00 * · permalien

·

http://www.theregister.co.uk/2015/08/04/xen_project_ponders_breakup_with_qemu_after_two_new_bugs_found/

Xen reports new guest-host escape, this time through CD-ROMs • The Register

The new vuln glories in the name XSA-138, aka CVE-2015-5154 and means “An HVM guest which has access to an emulated IDE CDROM device (e.g. with a device with "devtype=cdrom", or the "cdrom" convenience alias, in the VBD configuration) can exploit this vulnerability to take over the qemu process elevating its privilege to that of the qemu process.”

qemu · xen · kvm

August 9, 2015 08:44:24 PM GMT+02:00 * · permalien

·

http://www.theregister.co.uk/2015/07/28/xen_reports_new_guesthost_escape_this_time_through_cdroms/

VENOM virtual vuln proves less poisonous than first feared • The Register

Dubbed VENOM (Virtualized Environment Neglected Operations Manipulation), the zero-day flaw takes advantage of the “virtual floppy disk controller” and potentially allows attackers to escape out of the virtual machine and execute malicious code on its host.

PoC https://marc.info/?l=oss-security&m=143155206320935&w=2

qemu · kvm · xen

May 15, 2015 01:17:10 AM GMT+02:00 * · permalien

·

http://www.theregister.co.uk/2015/05/14/venom_analysis/