oss-security - Re: CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Mon, 25 Apr 2011 16:01:05 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com, Petr Matousek <pmatouse@...hat.com>
Cc: coley@...us.mitre.org
Subject: Re: CVE request -- qemu-kvm: virtio-blk: heap buffer
 overflow caused by unaligned requests

----- Original Message -----
> "It was found that virtio-blk driver in qemu-kvm did not properly
> validate read and write requests from the guest. A privileged guest user
> could use this flaw to cause heap corruption, causing the guest to crash
> (denial of service) or, possibly, resulting in the privileged guest user
> escalating their privileges on the host."
> 
> References:
> http://www.spinics.net/lists/kvm/msg51877.html
> https://bugzilla.redhat.com/show_bug.cgi?id=698906
> 
> Upstream commit:
> http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d
> 

Please use CVE-2011-1750.

Thanks.

-- 
    JB

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.