Tal Lossos
Tal Lossos is a Security Researcher at CyberArk Labs with years of experience in kernel module development with a deep interest in OS internals and currently focuses on bug hunting in the Linux kernel. In his recent works, Tal discovered multiple vulnerabilities in drivers causing elevation of privilege.
Sessions
NVMe technology is part of every Could Service Provider, and nowadays, Cloud Services are perhaps the most important cornerstone of modern computing. For this technology to work effectively, there’s a need for a reliable communication standard between the different services and their storage, and that’s exactly where NVMe comes to play.
In this session, we’ll see how I discovered a pre-auth remote vulnerability in the NVMe implementation of the Linux kernel in a matter of minutes and how you can do it as well.
The ease with which such vulnerability can be detected and exploited, combined with the fact that it’s done in the pre-auth stage and requires no more than a slight misconfiguration, makes this kind of attack vector very dangerous.