Date: Fri, 3 Oct 2008 17:17:44 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com cc: coley@...re.org, berrange@...hat.com Subject: Re: CVE Request (xen) We wrote this up as a libvirt issue, but is it really a Xen issue? - Steve ====================================================== Name: CVE-2008-4405 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4405 Acknowledged: yes Announced: 20080930 Flaw: other Reference: MLIST:[oss-security] 20080930 CVE Request (xen) Reference: URL:http://openwall.com/lists/oss-security/2008/09/30/6 Reference: MLIST:[xen-devel] 20080930 Re: [PATCH] [Xend] Move some backend configuration Reference: URL:http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html Reference: MLIST:[xen-devel] 20080930 [PATCH] [Xend] Move some backend configuration Reference: URL:http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html Reference: MISC:https://bugzilla.redhat.com/show_bug.cgi?id=464817 Reference: CONFIRM:http://xenbits.xensource.com/staging/xen-3.3-testing.hg?rev/e0e17216ba70 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=464818 libvirt 0.3.3 relies on files located under subdirectories of /local/domain in xenstore despite lack of protection against modification by Xen guest virtual machines, which allows guest OS users to have an unspecified impact, as demonstrated by writing to (1) the text console (console/tty) or (2) the VNC port for the graphical framebuffer. Analysis: There are two perspectives on the problem. First, one can argue that the flaw is in libvirt, because libvirt relies on untrusted data from guest VMs. Second, one can argue that the flaw is in Xen, because Xen makes it possible for guest VMs to write the untrusted data. Because the CVE request is associated with a Red Hat bug report for the libvirt product, CVE takes the first perspective.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.