Hacker News

“Unreproducible” can also be read as “Wasn’t worth the effort to reproduce”.

Very, very rarely will a Sev1 crash in production software be instantly reproducible. When it is, it’s an utter embarrassment. More often the full set of conditions which lead to the crash are unknown, rare, and hard to fully quantify all at once.

And yet, we know with certainty that the crash did happen and by definition it is a valid bug in any sane world where “don’t crash” is an absolute requirement.

Any crashing bug in a hypervisor must be assumed to be security critical until proven otherwise. Even after “proving” a crash can’t possibly be exploited, you should still assume that a clever attacker will figure out a way. The Venn diagram of “crashing bugs” and “security exploits” is vanishingly disjoint.




"don't crash" can't be an absolute requirement, because operating systems. I've had programs crash when running out of RAM, I think sometimes there's no way for the OS to recover without killing some programs.

If you absolutely can't crash, you need to build an OS that caters to that - modern OSes explicitly prioritize other goals, like performance.


The usual definition of "crash" does not include "getting killed by the OS while behaving normally".


If you're in a scenario where a crash can mean a critical security vulnerability, then being killed by the OS can also be, because some parts might continue running with an unexpected state.



