X41 releases the audit report of Rust-VMM
X41 performed a source code audit of Rust-VMM, a virtual machine monitor framework implemented in Rust. The audit was sponsored by the Open Source Technology Improvement Fund.
Audit results
X41 did not discover any vulnerabilities during the audit and only identified issues that could turn into a security risk through future code changes. On the contrary, X41 found the security posture of Rust-VMM to be exemplary. The one issue reported directly during the audit was taken seriously despite its lack of direct impact, and a fix was committed within a week. The source code is well commented, and the developer team understands the minute details of Rust's memory safety model.
However, using Rust-VMM does not necessarily shield a downstream user of the framework from every risk. The best example is the extensibility of the framework with custom virtio devices, whose backends run in the user space of the host operating system. These often need to parse data provided by the guest operating system's virtio driver, which is inherently untrusted and lives in guest memory that the guest can rewrite at any moment while the host is reading it. Rust's memory safety model does not cover that shared memory, so classical vulnerability patterns such as time-of-check-time-of-use bugs or double fetches may emerge: a length or descriptor field that is validated on one read and used on a second read can be changed by the guest in between. The usual countermeasure is to copy guest-controlled control data into host-owned memory exactly once, then validate and use only that copy.
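As an added illustration of the double-fetch pattern described above (example code written for this page, not rust-vmm's own code): a host-side virtio backend validates a guest-supplied length on one read of guest memory and drives its copy loop with a second read, so a guest that rewrites the field in between bypasses the check. The `GuestMem` mock, the request layout (word 0 is a length in 32-bit words, the payload follows) and the deterministic "racing guest" are all constructed for the example; a real backend would read guest RAM through rust-vmm's vm-memory crate instead.

```rust
use std::cell::Cell;

/// Largest payload (in 32-bit words) the backend is willing to copy.
pub const MAX_LEN: u32 = 8;

#[derive(Debug, PartialEq)]
pub enum Error {
    /// Access outside the guest's memory.
    OutOfBounds,
    /// Guest-supplied length exceeds MAX_LEN.
    LengthTooLarge(u32),
}

/// Simulated racing guest vCPU (constructed for this example): after
/// `after_reads` host reads of `word`, the guest overwrites it with `new_value`.
#[derive(Clone, Copy)]
pub struct Race {
    pub word: usize,
    pub after_reads: usize,
    pub new_value: u32,
}

/// Stand-in for shared guest memory. It models the one property that matters
/// here: the guest may change a word between two host reads of that word.
pub struct GuestMem {
    words: Vec<Cell<u32>>,
    race: Option<Race>,
    raced_reads: Cell<usize>,
}

impl GuestMem {
    pub fn new(words: &[u32], race: Option<Race>) -> Self {
        GuestMem {
            words: words.iter().map(|&w| Cell::new(w)).collect(),
            race,
            raced_reads: Cell::new(0),
        }
    }

    /// Every call goes back to the shared cell, like a volatile read of guest
    /// RAM; nothing is cached on the host side.
    pub fn read_u32(&self, idx: usize) -> Option<u32> {
        let value = self.words.get(idx)?.get();
        if let Some(r) = self.race {
            if r.word == idx {
                let n = self.raced_reads.get() + 1;
                self.raced_reads.set(n);
                if n == r.after_reads {
                    // The guest's write lands right after this host read.
                    self.words[idx].set(r.new_value);
                }
            }
        }
        Some(value)
    }
}

/// Constructed request layout: word 0 = payload length in words, words 1.. = payload.
const LEN_WORD: usize = 0;
const PAYLOAD_START: usize = 1;

/// Vulnerable pattern: the length is validated on one fetch from guest memory
/// and used on a second fetch, so the guest can change it in between.
pub fn copy_payload_double_fetch(mem: &GuestMem) -> Result<Vec<u32>, Error> {
    let len = mem.read_u32(LEN_WORD).ok_or(Error::OutOfBounds)?;
    if len > MAX_LEN {
        return Err(Error::LengthTooLarge(len));
    }
    let mut out = Vec::new();
    // Second fetch of the same field: the loop bound comes from guest memory again.
    let len_again = mem.read_u32(LEN_WORD).ok_or(Error::OutOfBounds)?;
    for i in 0..len_again as usize {
        out.push(mem.read_u32(PAYLOAD_START + i).ok_or(Error::OutOfBounds)?);
    }
    Ok(out)
}

/// Hardened pattern: fetch the control field once into host-owned memory,
/// validate that copy, and use only the copy afterwards.
pub fn copy_payload_single_fetch(mem: &GuestMem) -> Result<Vec<u32>, Error> {
    // The only read of the length; `len` now lives in host memory.
    let len = mem.read_u32(LEN_WORD).ok_or(Error::OutOfBounds)?;
    if len > MAX_LEN {
        return Err(Error::LengthTooLarge(len));
    }
    let mut out = Vec::with_capacity(len as usize);
    for i in 0..len as usize {
        out.push(mem.read_u32(PAYLOAD_START + i).ok_or(Error::OutOfBounds)?);
    }
    Ok(out)
}

/// Constructed guest memory: length 4, payload words 1..=31, and a guest that
/// rewrites the length to 20 right after the host has read it once.
pub fn racing_guest() -> GuestMem {
    let mut words: Vec<u32> = vec![4];
    words.extend(1u32..=31);
    GuestMem::new(&words, Some(Race { word: LEN_WORD, after_reads: 1, new_value: 20 }))
}

fn main() {
    match copy_payload_double_fetch(&racing_guest()) {
        Ok(v) => println!("double fetch: copied {} words despite MAX_LEN = {}", v.len(), MAX_LEN),
        Err(e) => println!("double fetch: {:?}", e),
    }
    match copy_payload_single_fetch(&racing_guest()) {
        Ok(v) => println!("single fetch: copied {} words", v.len()),
        Err(e) => println!("single fetch: {:?}", e),
    }
}
```

Both functions are entirely safe Rust, and the compiler accepts both: the bug is logical, not a memory-safety violation. With a bounds-checked `Vec` the outcome here is only a bypassed length check; in a backend that copies into a fixed-size buffer through raw pointers or `unsafe` for performance, the same second read turns into an out-of-bounds write. The hardened shape, one read of the whole header into a plain host-side value followed by validation of that value, is what reading a request struct in a single `read_obj` call from the vm-memory crate gives you.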
If you are interested in working with us on such projects in the future, remote or in-office, have a look at our jobs page!