hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day

Tech 2 (718B) November 4, 2021 1:00 pm - 1:40 pm

Peleg Hadar
Ophir Harpaz

In this session, we present hAFL1 and provide the implementation bits required to write a Hyper-V fuzzer. We uncover a critical 0-day in Hyper-V's vmswitch, an arbitrary read vulnerability found using our fuzzer. Finally, we show a live demo of exploiting this vulnerability, which until only a few weeks ago could take down big portions of Azure cloud infrastructure.