[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request -- kernel: kvm: device assignment
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2011-11-24 17:57:44
Message-ID: 4ECE8598.3040206 () redhat ! com
[Download RAW message or body]
On 11/24/2011 10:49 AM, Petr Matousek wrote:
> It was found that kvm_vm_ioctl_assign_device function did not check if
> the user requesting assignment was privileged or not. Together with
> /dev/kvm being 666, unprivileged user could assign unused pci devices,
> or even devices that were in use and whose resources were not properly
> claimed by the respective drivers.
>
> Please note that privileged access was still needed to re-program the
> device to for example issue DMA requests. This is typically achieved by
> touching files on sysfs filesystem. These files are usually not
> accessible to unprivileged users.
>
> As a result, local user could use this flaw to crash the system.
>
> Reference:
> https://bugzilla.redhat.com/show_bug.cgi?id=756084
> http://thread.gmane.org/gmane.comp.emulators.kvm.devel/82043
>
> Thanks,
Please use CVE-2011-4347 for this issue.
--
-Kurt Seifried / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic