02-28-2012, 02:30 PM
Tim Gardner

ACK: kvm device assignment permissions checks

On 02/28/2012 08:11 AM, Andy Whitcroft wrote:
> CVE-2011-4347
> It was found that kvm_vm_ioctl_assign_device function did not check
> if the user requesting assignment was privileged or not. Together
> with /dev/kvm being 666, unprivileged user could assign unused
> pci devices, or even devices that were in use and whose resources
> were not properly claimed by the respective drivers. Please note
> that privileged access was still needed to re-program the device
> to for example issue DMA requests. This is typically achieved by
> touching files on sysfs filesystem. These files are usually not
> accessible to unprivileged users. As a result, local user could
> use this flaw to crash the system.
>
> Following this email are two patches. The first is for lucid and is a
> backport from the upstream commit following the code back to an older
> filename. The second is for maverick, natty, and oneiric and is also a
> minor backport from the upstream commit, dropping the documentation
> updates for the older releases.
>
> Proposing for lucid, maverick, natty and oneiric.
>
> -apw

--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 
02-28-2012, 03:49 PM
Seth Forshee

ACK: kvm device assignment permissions checks

On Tue, Feb 28, 2012 at 03:11:49PM +0000, Andy Whitcroft wrote:
> CVE-2011-4347
> It was found that kvm_vm_ioctl_assign_device function did not check
> if the user requesting assignment was privileged or not. Together
> with /dev/kvm being 666, unprivileged user could assign unused
> pci devices, or even devices that were in use and whose resources
> were not properly claimed by the respective drivers. Please note
> that privileged access was still needed to re-program the device
> to for example issue DMA requests. This is typically achieved by
> touching files on sysfs filesystem. These files are usually not
> accessible to unprivileged users. As a result, local user could
> use this flaw to crash the system.
>
> Following this email are two patches. The first is for lucid and is a
> backport from the upstream commit following the code back to an older
> filename. The second is for maverick, natty, and oneiric and is also a
> minor backport from the upstream commit, dropping the documentation
> updates for the older releases.
>
> Proposing for lucid, maverick, natty and oneiric.
>
> -apw

Acked-by: Seth Forshee <seth.forshee@canonical.com>
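
A host-side check for the two conditions named in the CVE-2011-4347 description quoted in this thread: a /dev/kvm node that is read/write for all users, and PCI sysfs files an unprivileged user can write. This is an added example, not part of the thread or of the patches it refers to; the function names, the `KVM_DEV` and `PCI_SYSFS` variables, and the choice of the `config` and `resource*` sysfs files are assumptions made here.

```shell
#!/bin/sh
# Added example. KVM_DEV and PCI_SYSFS default to the standard Linux paths and
# can be overridden to point the check at a test tree.
KVM_DEV="${KVM_DEV:-/dev/kvm}"
PCI_SYSFS="${PCI_SYSFS:-/sys/bus/pci/devices}"

# other_bits PATH: print the "other" permission digit (0-7) of PATH.
other_bits() {
    mode=$(stat -c '%a' "$1") || return 1      # GNU stat, e.g. "666"
    printf '%s\n' "${mode#"${mode%?}"}"        # keep the last octal digit
}

# kvm_world_rw: succeed if every user may read and write the KVM node,
# which is the "/dev/kvm being 666" condition from the advisory.
kvm_world_rw() {
    [ -e "$KVM_DEV" ] || return 1
    o=$(other_bits "$KVM_DEV") || return 1
    [ $(( o & 6 )) -eq 6 ]
}

# sysfs_world_writable: list PCI config/resource files writable by "other".
# Choosing these two file names is an assumption of this example.
sysfs_world_writable() {
    find -L "$PCI_SYSFS" -maxdepth 2 -type f \
        \( -name config -o -name 'resource*' \) -perm -0002 2>/dev/null
}

# audit: print findings; return 1 if either condition holds, 0 otherwise.
audit() {
    rc=0
    if kvm_world_rw; then
        echo "WARN: $KVM_DEV is readable and writable by all users"
        rc=1
    fi
    loose=$(sysfs_world_writable) || true
    if [ -n "$loose" ]; then
        echo "WARN: PCI sysfs files writable by all users:"
        echo "$loose"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: neither condition found"
    return "$rc"
}
```

Source the file and call `audit`; a non-zero exit status means at least one of the two conditions was found.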
