[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] scsi: lsi: exit infinite loop while executing s
|
From: |
Philippe Mathieu-Daudé |
|
Subject: |
Re: [Qemu-devel] [PATCH] scsi: lsi: exit infinite loop while executing script (CVE-2019-12068) |
|
Date: |
Thu, 8 Aug 2019 12:29:19 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 |
On 8/8/19 11:48 AM, P J P wrote:
> +-- On Thu, 8 Aug 2019, Paolo Bonzini wrote --+
> | I am not sure this is worth a CVE.
>
> True, it is a low one, as QEMU consumes cycles on the host.
>
> | The kernel can cause QEMU to break, but is there a practical case in which
> | an unprivileged user can do that?
>
> QEMU does not break, it keeps running in interruptible sleep 'S' state.
> They've a reproducer wherein guest does mmio calls to trigger the issue.
>From user-mode? As unprivileged user?