Hypervisors are becoming increasingly ubiquitous with the growing proliferation of virtualized data centers. As a result, attackers are exploring vectors to attack hypervisors, against which an attack may be executed via several attack vectors such as device drivers, virtual machine exit events, or hypercalls, which enable intrusions in hypervisors through their hypercall interfaces. Despite the importance, there is very limited publicly available information on vulnerabilities of hypercall handlers and attacks triggering them, which significantly hinders advances towards monitoring and securing these interfaces. In this experience report paper, we characterize the hypercall attack surface based on analyzing a set of vulnerabilities of hypercall handlers. We systematize and discuss the errors that caused the considered vulnerabilities, and activities for executing attacks triggering them. We also demonstrate attacks triggering the considered vulnerabilities and analyze their effects. Finally, we suggest an action plan for improving the security of hypercall interfaces.
2014 IEEE 25th International Symposium on Software Reliability Engineering (ISSRE), November 2014
DOI
Cited by
Year 2015 : 1 citations
R. J. Masti, C. Marforio, K. Kostiainen, C. Soriente, and S. Capkun, “Logical Partitions on Many-Core Platforms,” in Proceedings of the 31st Annual Computer Security Applications Conference, New York, NY, USA, 2015, pp. 451–460.
