Google will start paying rewards for identifying vulnerabilities in the KVM hypervisor

Google has introduced the kvmCTF initiative, in which security researchers can receive a monetary reward for identifying vulnerabilities in the KVM (Kernel-based Virtual Machine) hypervisor. Google's interest in KVM stems from its use of this hypervisor in the Google Cloud service, as well as in the Android and ChromeOS platforms (CrosVM is based on KVM). To receive a reward, you must demonstrate a compromise of a specially prepared CTF (Capture the Flag) environment based on a recent Linux kernel running a virtual machine; access to it is granted on request. The attacker is asked to exploit a vulnerability in the KVM subsystem of the Linux kernel on which the host system in this environment runs.

For identifying a previously unknown vulnerability that makes it possible to exit the VM, a payment of 250 thousand dollars is provided, and for a vulnerability that allows writing to an arbitrary memory area, 100 thousand dollars. For vulnerabilities that lead to reading from an arbitrary memory area or writing to adjacent memory areas, a payment of 50 thousand dollars is offered; for a DoS vulnerability, 20 thousand dollars; and for reading from an adjacent memory area, 10 thousand dollars. Rewards for writing to or reading from an arbitrary memory area are obtained by changing or retrieving the value at a specific address in memory, and in the case of an adjacent area, for errors detected by the KASAN (Kernel Address Sanitizer) debugging tool, such as a buffer overflow or access to an already freed memory area. A reward for a DoS vulnerability is paid when a null pointer dereference is detected (null-ptr-deref in KASAN).
 