Security Work

My security work experience comprises of academic work at Fraunhofer AISEC, CTF participation and task authoring, security bug hunting, and undisclosed security company work.

Academic work

Discovered security bugs

  • CVE‑2022‑42270 | CVSS: 7.8

    NVIDIA Linux kernel distributions contain a vulnerability in nvdla_emu_task_submit, ... escalation of privileges

  • kvmtool VM-escape | CVSS: None

    See https://hxp.io/blog/87/hxp-CTF-2021-indie_vmm-writeup/ and https://www.spinics.net/lists/kvm/msg264664.html

  • CVE‑2021‑1106 | CVSS: 7.8

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap, ... escalation of privileges

  • CVE‑2021‑1107 | CVSS: 7.8

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap, ... escalation of privileges

  • CVE‑2021‑1108 | CVSS: 7.3

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap, ... escalation of privileges

  • CVE‑2021‑1112 | CVSS: 5.5

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap, ... denial of service

  • CVE‑2021‑1114 | CVSS: 4.4

    NVIDIA Linux kernel distributions contain a vulnerability in the kernel crypto node, ... escalation of privileges

  • CVE‑2021‑34401 | CVSS: 7.8

    NVIDIA Linux kernel distributions contain a vulnerability in nvmap, ... escalation of privileges

  • CVE‑2021‑34403 | CVSS: 7.8

    NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, ... escalation of privileges

  • CVE-2020-12967 | CVSS: 9.0

    Researchers from Fraunhofer AISEC and TUM make use of ... the lack of nested page table protection in the SEV/SEV-ES feature which could potentially lead to arbitrary code execution within the guest