Re: [PATCH] whitelist host virtio networking features [was Re: qemu-kvm-0.11 regression, crashes on older ...]

On Mon, Nov 2, 2009 at 8:38 AM, Mark McLoughlin <markmc@xxxxxxxxxx> wrote:
> On Fri, 2009-10-30 at 16:15 -0500, Dustin Kirkland wrote:
>> Canonical's Ubuntu Security Team will be filing a CVE on this issue,
>> since there is a bit of an attack vector here, and since
>> qemu-kvm-0.11.0 is generally available as an official release (and now
>> part of Ubuntu 9.10).
>>
>> Guests running linux <= 2.6.25 virtio-net (e.g. Ubuntu 8.04 hardy) on
>> top of qemu-kvm-0.11.0 can be remotely crashed by a non-privileged
>> network user flooding an open port on the guest.  The crash happens in
>> a manner that abruptly terminates the guest's execution (i.e., without
>> shutting down cleanly).  This may affect the guest filesystem's
>> general happiness.
>
> IMHO, the CVE should be against the 2.6.25 virtio drivers - the bug is
> in the guest and the issue we're discussing here is just a hacky
> workaround for the guest bug.

Kees/Jamie/Marc-

I think Mark has a good point.  This bug has two parts.  Ultimately,
it's triggered by a buggy virtio-net implementation in the Ubuntu 8.04
kernel (as well as any others using the circa 2.6.25 virtio net code).
The CVE should probably mention (or focus on) this too.

The qemu-kvm patch is still a good thing to do, as it shouldn't just
exit and terminate the VM, so that's needed as well.

:-Dustin