Re: QEMU soundcards vulnerable to jack retasking?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 24, 2016 at 06:06:29PM +0100, bancfc@xxxxxxxxxxxxxxx wrote:
> Recent security research shows that soundcards support surreptitiously
> switching line-out jacks into line-in by modifying the software stack. The
> way modern speakers and headphones are designed makes them readily usable as
> microphones. The Intel High Definition (HD) Audio standards which all modern
> consumer soundcards are based mandates this stupidity.
> 
> https://arxiv.org/ftp/arxiv/papers/1611/1611.07350.pdf
> 
> Does anyone know if QEMU's emulated sound devices follow this standard? If
> yes then a malicious guest that can modify the virt sound hardware can turn
> PC speakers into surveillance devices even if the microphone is disabled on
> the host. The only solution is completely denying untrusted VMs access to a
> virtual sound device.
> 
> /CC'd the respective researchers for input on this too.

This is better sent to the QEMU mailing list, rather than libvirt, since
the former is where the QEMU audio experts are...

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://entangle-photo.org       -o-    http://search.cpan.org/~danberr/ :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux