Date: Wed, 5 Jun 2013 13:46:29 -0400
From: Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To: oss-security@...ts.openwall.com
Subject: xen/blkback: Check device permissions before allowing OP_DISCARD

Hey,

John Haxby and Dan Carpenter recommended I ask for a CVE number here.

The bug is that if a system admin provides a disk (which supports
the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are
no checks done. Which means that the OS can destroy the data.

The likelihood of somebody using 'ro' disks I think is small - but there
is probably one person who does it and would be unhappy that a guest
OS can destroy the underlying data.

I have a patch (and a test-case) ready (see attached). I think
I just need a CVE number and need to send the mentioned patch
to Linus?

View attachment "0001-xen-blkback-Check-device-permissions-before-allowing.patch" of type "text/plain" (1886 bytes)
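
A simplified user-space model of the missing check described in the message above, added here as an illustration; it is not the attached patch and not Xen blkback code. The struct, the function names and the assumption that ordinary writes to a 'ro' disk were already rejected are hypothetical.

```c
#include <errno.h>
#include <stdbool.h>
#include <string.h>

/* Hypothetical model: all names and the write-only check are assumptions. */
#define NSECT 8
enum blk_op { OP_READ, OP_WRITE, OP_DISCARD };
struct vbd {
    bool readonly;              /* exported to the guest as 'ro' */
    unsigned char data[NSECT];  /* stand-in backing store, 1 byte per sector */
};

/* Carry out a request on a discard-capable device; no permission logic. */
static int do_io(struct vbd *v, enum blk_op op, unsigned s, unsigned n)
{
    if (s >= NSECT || n > NSECT - s)
        return -EINVAL;
    if (op == OP_WRITE)
        memset(&v->data[s], 0xAA, n);
    else if (op == OP_DISCARD)
        memset(&v->data[s], 0x00, n);  /* discarded sectors lose their data */
    return 0;
}

/* Flawed shape: the read-only flag is consulted for writes only. */
int dispatch_flawed(struct vbd *v, enum blk_op op, unsigned s, unsigned n)
{
    if (op == OP_WRITE && v->readonly)
        return -EACCES;
    return do_io(v, op, s, n);
}

/* Checked shape: every data-modifying operation honours the flag. */
int dispatch_checked(struct vbd *v, enum blk_op op, unsigned s, unsigned n)
{
    if (v->readonly && (op == OP_WRITE || op == OP_DISCARD))
        return -EACCES;
    return do_io(v, op, s, n);
}

int last_rc;  /* status of the most recent ro_discard() call */
/* Constructed case: discard sectors 0-3 of a 'ro' disk filled with 0x5A.
 * Returns the byte left in sector 0 (0x5A means the data survived). */
int ro_discard(bool checked)
{
    struct vbd v = { .readonly = true };
    memset(v.data, 0x5A, NSECT);
    last_rc = (checked ? dispatch_checked : dispatch_flawed)(&v, OP_DISCARD, 0, 4);
    return v.data[0];
}
```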
