Many security products use QEMU to sandbox files in the process of determining if they are malicious but Palo Alto Networks Unit 42 reports that by triggering the recently discovered CVE-2017-12809 vulnerability before malicious behaviour occurs, an attacker can force security products to classify malicious files as benign.
The vulnerability began with version 2.8, reported by Palo Alto and fixed in QEMU version 2.10.0 released on 30 August, available from QEMU here.
In a blog Unit 42 researchers explain that the vulnerability results from a flaw in the way QEMU's emulated hard drive controller handles the ATA_CACHE_FLUSH command. “The QEMU host process will dereference a NULL pointer if ATA_CACHE_FLUSH is issued to a removable drive with no disk present (the default configuration). This causes the host OS to terminate QEMU. In Windows, this can be triggered from user mode by an unprivileged process by opening a handle to the emulated CDROM drive using the CreateFile() API, followed by DeviceIoControl() with IOCTL_ATA_PASS_THROUGH. Using this technique on a real physical machine will have no effect.”
Some products, including Palo Alto Networks' WildFire service, are not affected by this vulnerability, in the latter case because it detonates malware in a custom hypervisor that does not share any code with QEMU.