oss-sec mailing list archives
CVE request -- libvirt: address bus= device= when identicle vendor ID/product IDs usb devices attached are ignored
From: Petr Matousek <pmatouse () redhat com>
Date: Mon, 11 Jun 2012 18:29:45 +0200
Description of the problem: libvirt ignores address bus= device= when identicle vendor ID/product IDs usb devices attached with either virsh or virt-manager. As a consequence, wrong USB device can be assigned to the wrong guest. References and proposed upstream patch: https://www.redhat.com/archives/libvir-list/2012-April/msg01494.html Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request -- libvirt: address bus= device= when identicle vendor ID/product IDs usb devices attached are ignored Petr Matousek (Jun 11)