 Home |
Products |
Support |
Community |
News |
xen-devel
[Xen-devel] QEMU "drive_init()" Disk Format Security Bypass
| To: | xen-devel@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass |
| From: | Eren Türkay <turkay.eren@xxxxxxxxx> |
| Date: | Thu, 8 May 2008 18:00:24 +0300 |
| Delivery-date: | Thu, 08 May 2008 08:01:08 -0700 |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date:user-agent:mime-version:content-type:content-transfer-encoding:content-disposition:message-id; bh=uQ+cbLu0rjf1ckXbGAIPf+azGIa977DNYRikxl0wmGw=; b=RDsGXw1h7R0Z2Zt1uw5sbzvxZhhLrDk6l0Wg8Fdu4Ng7idPtIAXjCSn7ZVhFaAtRrDk2TxZ/rGam45nm6piW8CgagM1ySe9x4BKDHsUys//NjqDIzgLw8LHgajL5+waul/30DDAZfnZXtTJJFU0ob/zz19yGBPJ/OK6RXXzTyHA= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:mime-version:content-type:content-transfer-encoding:content-disposition:message-id; b=cXMJyvGrjbMjfO/ssSGkmHASkdXDBfJNrrLjnGG9M9zccEYKklXB4mA5YCq5ViTvW9mChRiB8YaF9MY5n6L3rZ6yGEyEaQkAefOi9gsYNJEoLaWevlNUcYCMeL1PiZugPqt3Ig2wj7BkZMFL9p1vy3xU1oA0RER4/m8512s9iqs= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
| User-agent: | KMail/1.9.9 |
Hello, Today, a security flaw in Qemu was released at secunia [0] which was fixed in qemu svn repository. Xen uses part of a qemu code including "vl.c" in which the security flaw appeared. I suspect that Xen is effected by this vulnerability too but I couldn't find same lines in vl.c and I'm not sure about it. Could someone look at this issue and shed a light? If Xen is effected, I would really appreciate a patch. [0] http://secunia.com/advisories/30111/ My best regards, Eren _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | RE: [Xen-devel] [PATCH 0/4] HVM Virtual S3, Ke, Liping |
|---|---|
| Next by Date: | Re: [Xen-devel] [RFC] PVFB: Add refresh period to XenStore parameters?, Samuel Thibault |
| Previous by Thread: | [Xen-devel] [PATCH] minios: clear FB content, Samuel Thibault |
| Next by Thread: | Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass, Ian Jackson |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
