NVMe technology is part of every Could Service Provider, and nowadays, Cloud Services are perhaps the most important cornerstone of modern computing. For this technology to work effectively, there\u2019s a need for a reliable communication standard between the different services and their storage, and that\u2019s exactly where NVMe comes to play.<\/p>\n
In this session, we\u2019ll see how I discovered a pre-auth remote vulnerability in the NVMe implementation of the Linux kernel in a matter of minutes and how you can do it as well.\u00a0 <\/strong>I aim to share my research methodology and further emphasize the need for SCA tools as part of any major production pipeline and will support my claims with other vulnerabilities I discovered in leading vendors such as NVIDIA and the Linux kernel.<\/p>\n The ease with which such vulnerabilities can be detected and exploited, combined with the fact that it\u2019s done in the pre-auth stage and requires no more than a slight misconfiguration, makes this kind of attack vector very dangerous – and awesome.<\/p>\n","protected":false},"template":"","class_list":["post-10308","session","type-session","status-publish","hentry"],"acf":[],"yoast_head":"\n