qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] Re: [PATCH] whitelist host virtio networking features [was

From: Anthony Liguori
Subject: [Qemu-devel] Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]
Date: Mon, 02 Nov 2009 09:42:06 -0600
User-agent: Thunderbird 2.0.0.23 (X11/20090825) 
Mark McLoughlin wrote:

Canonical's Ubuntu Security Team will be filing a CVE on this issue,
since there is a bit of an attack vector here, and since
qemu-kvm-0.11.0 is generally available as an official release (and now
part of Ubuntu 9.10).

Guests running linux <= 2.6.25 virtio-net (e.g Ubuntu 8.04 hardy) on
top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
network user flooding an open port on the guest.  The crash happens in
a manner that abruptly terminates the guest's execution (ie, without
shutting down cleanly).  This may affect the guest filesystem's
general happiness.


IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
in the guest and the issue we're discussing here is just a hacky
workaround for the guest bug.
Yeah, I'm inclined to agree. The guest generates bad data and we exit. exit()ing is probably not wonderful but it's a well understood behavior. 

The fundamental bug here is in the guest, not in qemu.

Regards,

Anthony Liguori


Cheers,
Mark.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]