On 12/23/2013 10:55 PM, Eric Blake wrote: > We are still awaiting a CVE number to be assigned, Wow, that was fast. I just learned that this is assigned CVE-2013-6456. > but Reco > reported in Debian bug #732394 that a malicious guest could > cause virDomainShutdown and virDomainReboot to cause the > host to misbehave, if the host blindly follows symlinks in > its own mount namespace instead of the guest's namespace. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list