Date: Wed, 5 Jun 2013 13:46:29 -0400 From: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com> To: oss-security@...ts.openwall.com Subject: xen/blkback: Check device permissions before allowing OP_DISCARD Hey, John Haxby and Dan Carpenter recommended I ask for an CVE number here. The bug is that if a system admin provides a disk (which supports the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are no checks done. Which means that the OS can destroy the data. The likehood of somebody using 'ro' disks I think is small - but there is probably one person who does it and would be unhappy that a guest OS can destroy the underlaying data. I have a patch (and a test-case) ready (see attached). I think I just need an CVE number and need to send the mentioned patch to Linus? View attachment "0001-xen-blkback-Check-device-permissions-before-allowing.patch" of type "text/plain" (1886 bytes) Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ