oss-sec mailing list archives
Re: CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests
From: Josh Bressers <bressers () redhat com>
Date: Mon, 25 Apr 2011 16:01:05 -0400 (EDT)
----- Original Message -----
"It was found that virtio-blk driver in qemu-kvm did not properly validate read and write requests from the guest. A privileged guest user could use this flaw to cause heap corruption, causing the guest to crash (denial of service) or, possibly, resulting in the privileged guest user escalating their privileges on the host." References: http://www.spinics.net/lists/kvm/msg51877.html https://bugzilla.redhat.com/show_bug.cgi?id=698906 Upstream commit: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d
Please use CVE-2011-1750. Thanks. -- JB
Current thread:
- CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests Petr Matousek (Apr 22)
- Re: CVE request -- qemu-kvm: virtio-blk: heap buffer overflow caused by unaligned requests Josh Bressers (Apr 25)