Along with virtualization technology adopted by both enterprise and customer popularly, virtual machines escape attacking become more and more critical which could NOT be ignored. Because of virtual devices’ nature character (virtual device emulation is in host level, guest can access virtual devices with arbitrary data), they are a big attack surface to achieve virtual machine escaping. In fact among those reported virtual machines escape attacking, the virtual device attacking hold big ratio. For example, the VENOM attacking (Reference 8.1).
by Jack Tang, Moony Li
Full Abstract: https://www.blackhat.com/eu-16/briefings/schedule/#when-virtualization-encounters-afl-a-portable-virtual-device-fuzzing-framework-with-afl-4903