Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 5 Jun 2013 13:46:29 -0400
From: Konrad Rzeszutek Wilk <>
Subject: xen/blkback: Check device permissions before allowing OP_DISCARD


John Haxby and Dan Carpenter recommended I ask for an CVE number here.

The bug is that if a system admin provides a disk (which supports
the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are
no checks done. Which means that the OS can destroy the data.

The likehood of somebody using 'ro' disks I think is small - but there
is probably one person who does it and would be unhappy that a guest
OS can destroy the underlaying data.

I have a patch (and a test-case) ready (see attached). I think
I just need an CVE number and need to send the mentioned patch
to Linus?

View attachment "0001-xen-blkback-Check-device-permissions-before-allowing.patch" of type "text/plain" (1886 bytes)

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.