3 matches found
Design/Logic Flaw
The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...
CVE-2013-2140
The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...
Linux Kernel 'dispatch_discard_io()'安全绕过漏洞
Bugtraq ID:60414 CVE ID:CVE-2013-2140 Linux是一款开源的操作系统。 由于不充分的检查BLKIFOPDISCARD权限,如果系统管理员提供一个只读权限的磁盘,允许特权Guest用户利用该漏洞绕过限制破坏磁盘上的数据。 0 Linux Kernel 厂商解决方案 用户可参考如下第三方的补丁以修复此漏洞: http://seclists.org/oss-sec/2013/q2/att-488/0001-xen-blkback-Check-device-permissions-before-allowing.patch...