
Full Disclosure mailing list archives
Re: [SECURITY] [DSA 2607-1] qemu-kvm security update
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 04 Aug 2013 15:49:50 +0200
* jason:
Could this be exploitable from within the guest vm? Eg could I execute commands on the hypervisor host as root by generating a malicious packet to attack the e1000 driver from within the guest?
Yes, but at this point, you could directly patch the guest memory, so it's not a real attack. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [SECURITY] [DSA 2607-1] qemu-kvm security update Florian Weimer (Aug 04)