from our lab
Quick analysis and research insights for the recently reported RCE vulnerability in Chromium WebRTC code and embedders.
This deep technical note briefly covers five kernel vulnerabilities in Qualcomm chipsets & ARM Mali GPU, which landed on CISA Known Exploited Vulnerabilities Catalog between October and December 2023.
We analyzed the security patches of a recently disclosed Chrome 0-day attack to derive additional information about the vulnerability, and clarify practical threat impact.
At Pwn2Own Vancouver 2021 I have demonstrated an 0day VM escape exploit for Parallels Desktop hypervisor. The exploit chain that I developed was based on logic issues. In this deep technical presentation I share the technical details of the exploit, as well as various preliminary and contextual knowledge related to it. (Slides)
How to recover a complex vulnerability details from a binary security patch and create a proof of concept. A case study of VMware ESXi vmxnet3 Uninitialized Variable (CVE-2018-6981).
A story of a trivial *no-bug, by-design* guest-to-host VM escape on latest Parallels Desktop for Mac with bonus persistence, as enabled by the software vendor's product design decisions and certain properties of the Unix interactive shells.
Deep technical analysis of a security bug in Microsoft Hyper-V root partition kernel component, discovered by me.
This research note documents some core internals of Microsoft Hyper-V through the implementation perspective of the official Hyper-V paravirtualization drivers package for Linux virtual machines: the LIS.