| Reported on: | 20110526 |
|---|---|
| Published on: | 20110531 |
| Fixed on: | 20110531 |
| Reported by: | Eric Blake |
|---|---|
| Patched by: | Eric Blake |
The flag controlling whether the security manager disabled disk probing was being overwritten due to miscalculation in the size of a structure. This meant that the security driver may mistakenly probe disk formats when setting up guest labelling and thus allow access to inappropriate host files.
A malicious guest disk image could trick the security driver into providing access to inappropriate host files
Do not use raw disk images
| Branch | master |
|---|---|
| Broken in: | v0.8.8 |
| Broken in: | v0.9.0 |
| Broken in: | v0.9.1 |
| Fixed in: | v0.9.2 |
| Broken by: | d6623003c6551be07d42a72ce976ab8b0986ec15 |
| Fixed by: | b598ac555c8fe67ffc39ac8ef25fe7e6b28ae3f2 |