- Nachrichtendetail
-
02.07.2024 21:48:52 - dpa-AFX: Google Launches $250,000 Bug Bounty Program For KVM Exploits
WASHINGTON (dpa-AFX) - Alphabet Inc.'s (GOOG) Google has announced a new bug
bounty program, named kvmCTF, to help find vulnerabilities in the Kernel-based
Virtual Machine or KVM hypervisor.
The program offers a reward of upto $250,000 for successfully achieving a full
virtual machine escape exploit, which refers to a vulnerability in hypervisor
that allows malicious code to break free and execute on the underlying host
system.
During the program, the participants could reserve time slots to access a guest
VM hosted in a lab environment to conduct a guest-to-host attack.
'The goal of the attack must be to exploit a zero day vulnerability in the KVM
subsystem of the host kernel. If successful, the attacker will obtain a flag
that proves their accomplishment in exploiting the vulnerability,' Google
explained in a blog post.
The company hopes that the project would help in identifying virtual machine
escapes, arbitrary code execution flaws, information disclosure issues, and
denial-of-service or DoS bugs, according to Securityweek.
Copyright(c) 2024 RTTNews.com. All Rights Reserved
Copyright RTT News/dpa-AFX
bounty program, named kvmCTF, to help find vulnerabilities in the Kernel-based
Virtual Machine or KVM hypervisor.
The program offers a reward of upto $250,000 for successfully achieving a full
virtual machine escape exploit, which refers to a vulnerability in hypervisor
that allows malicious code to break free and execute on the underlying host
system.
During the program, the participants could reserve time slots to access a guest
VM hosted in a lab environment to conduct a guest-to-host attack.
'The goal of the attack must be to exploit a zero day vulnerability in the KVM
subsystem of the host kernel. If successful, the attacker will obtain a flag
that proves their accomplishment in exploiting the vulnerability,' Google
explained in a blog post.
The company hopes that the project would help in identifying virtual machine
escapes, arbitrary code execution flaws, information disclosure issues, and
denial-of-service or DoS bugs, according to Securityweek.
Copyright(c) 2024 RTTNews.com. All Rights Reserved
Copyright RTT News/dpa-AFX
| Name | WKN | Börse | Kurs | Datum/Zeit | Diff. | Diff. % | Geld | Brief | Erster | Schluss | |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
ALPHABET INC.CL.A DL-,001 | A14Y6F | Frankfurt | 172,180 | 04.07.24 21:54:46 | -0,300 | -0,17% | 0,000 | 0,000 | 172,100 | 172,480 |
