Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAAt3=A5YsFK-UEJFOqpXQsNFjAey+0hpJsksohjyoiypLQL8_A@mail.gmail.com>
Date: Wed, 9 Oct 2019 10:56:15 +0800
From: bo Zhang <zhangbo5891001@...il.com>
To: oss-security@...ts.openwall.com, Tina Li <tli@...italocean.com>, 
	tiangangpi@...il.com
Cc: Vineeth Remanan Pillai <vpillai@...italocean.com>
Subject: Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape
 Vulnerability: vhost/vhost_net kernel buffer overflow

Hi, Tina
This vulnerability is a kernel vul and different verison of Qemu should not
affect the reproduce. Try the following steps:

1. The guest kernel patch is for this version:
Ubuntu-hwe-4.15.0-50.54_16.04.1(
https://kernel.ubuntu.com/git/ubuntu/ubuntu-xenial.git/tree/drivers/virtio/virtio_ring.c?h=Ubuntu-hwe-4.15.0-50.54_16.04.1),
if you use different kernel version, the patch may need to be modified
slightly.
The patch makes the guest kernel create a invalid descriptor table and the
echo command is just to trigger the bug through a kernel variable.

2. Ubuntu had released the patched kernel, the host kernel you used should
not be patched(< 5.2.x) for reproducing the vulnerability.

Thanks!
cradmin of Tencent Blade Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.