Displaying 1 result from an estimated 1 matches for "7b3372c".
Did you mean:
773372k
2011 Dec 22
0
[PATCH] Security: Mitigate possible privilege escalation via SG_IO ioctl (CVE-2011-4127, RHBZ#757071)
...ibguestfs >= 1.8.16
Earlier versions may be vulnerable unless a downstream packager has
applied this patch.
Cc: Hilko Bengen <bengen at hilluzination.de>
---
src/launch.c | 10 ++++++++++
1 files changed, 10 insertions(+), 0 deletions(-)
diff --git a/src/launch.c b/src/launch.c
index 7b3372c..9add092 100644
--- a/src/launch.c
+++ b/src/launch.c
@@ -564,6 +564,16 @@ launch_appliance (guestfs_h *g)
alloc_cmdline (g);
g->cmdline[0] = g->qemu;
+ /* CVE-2011-4127 mitigation: Disable SCSI ioctls on virtio-blk
+ * devices. The -global option must exist, but you can p...