At the 2021 Xen Developer and Design Summit, Tamas K Lengyel, Senior Security Researcher at Intel Corporation, gave a deep dive into the latest developments of Intel’s Xen-based fuzzer that the organization open-sourced last year. A fuzzer is a program that helps detect bugs in code.
Since open-sourcing it, Tamas and his team have gained operational experience fuzzing a variety of kernel modules in Linux. In this talk, he showcases the workflow that led to the discovery of several security issues in the Linux kernel, such as NULL-pointer dereferences, out-of-bounds array indexing, and infinite loops in interrupt context. All of the issues were triggerable by an external device via DMA but, thanks to the fuzzing effort, are now fixed upstream. The talk also covers how Xen can be used to fuzz Windows VMs and even Xen itself.
See the full replay here: