Secunia Security Advisory - A vulnerability has been reported in KVM, which can be exploited by malicious, local users to bypass certain security restrictions.
2a32d7f58173ce455fa6e66eae0e6e47edfdf7d56bfb939b89ef5b5b6b4ab880----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
KVM Block Device Backend Security Bypass
SECUNIA ADVISORY ID:
SA29129
VERIFY ADVISORY:
http://secunia.com/advisories/29129/
CRITICAL:
Not critical
IMPACT:
Security Bypass
WHERE:
Local system
SOFTWARE:
KVM (Kernel-based Virtual Machine)
http://secunia.com/product/17812/
DESCRIPTION:
A vulnerability has been reported in KVM, which can be exploited by
malicious, local users to bypass certain security restrictions.
The vulnerability is caused due to the block device backends not
properly checking a guest's read or write attempts, which can be
exploited out of a KVM guest system to e.g. crash the KVM host or
potentially escape the virtualisation jail by writing into arbitrary
host memory.
Note: Successful exploitation requires privileges to send specially
crafted read or write requests to the block device backends.
This is related to vulnerability #7 in:
SA25073
SOLUTION:
Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
Ian Jackson
ORIGINAL ADVISORY:
http://marc.info/?l=debian-security&m=120343592917055&w=2
OTHER REFERENCES:
SA25073:
http://secunia.com/advisories/25073/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed