Date: Mon, 25 Feb 2013 20:36:19 +0100 From: Bastian Blank <waldi@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE request: libvirt kvm-group writable storage Hi libvirtd in privileged (root) mode runs qemu/kvm guests with a different user. It set owner/group of storage used by this guests to this user and group. In Debian this is libvirt-qemu:kvm. | brw-rw---T 1 libvirt-qemu kvm 254, 11 Feb 25 17:08 /dev/dm-11 | brw-rw---T 1 libvirt-qemu kvm 254, 12 Feb 25 17:50 /dev/dm-12 The kvm group is used for generic access control on /dev/kvm, so a lot of users may have access to this group. | crw-rw---T 1 root kvm 10, 232 Feb 25 18:04 kvm This allows write access to unrelated users to this storage. Affected is at least Debian Squeeze (0.8.3-5+squeeze2) and Debian experimental (1.0.1-2). Reference is http://bugs.debian.org/701649 Please assign a CVE. Bastian -- Oh, that sound of male ego. You travel halfway across the galaxy and it's still the same song. -- Eve McHuron, "Mudd's Women", stardate 1330.1
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.