Date: Wed, 5 Jun 2013 13:46:29 -0400 From: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com> To: oss-security@...ts.openwall.com Subject: xen/blkback: Check device permissions before allowing OP_DISCARD Hey, John Haxby and Dan Carpenter recommended I ask for an CVE number here. The bug is that if a system admin provides a disk (which supports the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are no checks done. Which means that the OS can destroy the data. The likehood of somebody using 'ro' disks I think is small - but there is probably one person who does it and would be unhappy that a guest OS can destroy the underlaying data. I have a patch (and a test-case) ready (see attached). I think I just need an CVE number and need to send the mentioned patch to Linus? View attachment "0001-xen-blkback-Check-device-permissions-before-allowing.patch" of type "text/plain" (1886 bytes) Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.