Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 5 Jun 2013 13:46:29 -0400
From: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To: oss-security@...ts.openwall.com
Subject: xen/blkback: Check device permissions before allowing OP_DISCARD

Hey,

John Haxby and Dan Carpenter recommended I ask for an CVE number here.

The bug is that if a system admin provides a disk (which supports
the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are
no checks done. Which means that the OS can destroy the data.

The likehood of somebody using 'ro' disks I think is small - but there
is probably one person who does it and would be unhappy that a guest
OS can destroy the underlaying data.

I have a patch (and a test-case) ready (see attached). I think
I just need an CVE number and need to send the mentioned patch
to Linus?

View attachment "0001-xen-blkback-Check-device-permissions-before-allowing.patch" of type "text/plain" (1886 bytes)

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.