Preface: Gunyah is a Type-1 hypervisor designed for strong security, performance and modularity. Independent of any high-level OS kernel, Gunyah runs in a higher CPU privilege level, and does not depend on any lower-privileged OS kernel/code for its core functionality.
Background: Gunyah is a product of Qualcomm Innovation Center, Inc. Gunyah is an open-source type-1 hypervisor developed by Qualcomm with an emphasis on security and other features.
There are 2 types of process:
- Independent Processes – Processes that do not share data with other processes.
- Cooperating Processes – Processes that shares data with other processes.
Inter-Process Communication is the mechanism by which cooperating process share data and information.
- Shared memory: A particular region of memory is shared between cooperating process.
- Cooperating process can exchange information by reading and writing data to this shared region.
- It’s faster than Memory Parsing, as Kernel is required only once, that is, setting up a shared memory . After That, kernel assistance is not required.
Vulnerability details: Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
Official announcement: For details, please refer to the link – https://nvd.nist.gov/vuln/detail/CVE-2023-22387