qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] Re: [PATCH] whitelist host virtio networking features [was


From: Dustin Kirkland
Subject: [Qemu-devel] Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]
Date: Mon, 2 Nov 2009 10:58:44 -0600

On Mon, Nov 2, 2009 at 8:38 AM, Mark McLoughlin <address@hidden> wrote:
> On Fri, 2009-10-30 at 16:15 -0500, Dustin Kirkland wrote:
>> Canonical's Ubuntu Security Team will be filing a CVE on this issue,
>> since there is a bit of an attack vector here, and since
>> qemu-kvm-0.11.0 is generally available as an official release (and now
>> part of Ubuntu 9.10).
>>
>> Guests running linux <= 2.6.25 virtio-net (e.g Ubuntu 8.04 hardy) on
>> top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
>> network user flooding an open port on the guest.  The crash happens in
>> a manner that abruptly terminates the guest's execution (ie, without
>> shutting down cleanly).  This may affect the guest filesystem's
>> general happiness.
>
> IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
> in the guest and the issue we're discussing here is just a hacky
> workaround for the guest bug.

Kees/Jamie/Marc-

I think Mark has a good point.  This bug has two parts.  Ultimately,
it's triggered by a buggy virtio-net implementation in the Ubuntu 8.04
kernel (as well as any others using the circa 2.6.25 virtio net code).
 The CVE should probably mention (or focus on) this too.

The qemu-kvm patch is still a good thing to do, as it shouldn't just
exit and terminate the VM, so that's needed as well.

:-Dustin




reply via email to

[Prev in Thread] Current Thread [Next in Thread]