kvmfr: Security Vulnerability - Action Required: Overflow may in the newest version of the LookingGlass #1133
Comments
We are checking the bounds: Lines 151 to 155 in d060e37
Lines 314 to 321 in d060e37
Edit: Oh wait, this is a problem in the fault handler. I will have a closer look.
Confirmed, we do not have a problem here as we validate the user data at setup.
I am sorry for the noise, I did some further digging and understand the issue here better now. Yes, there is a potential issue here as the kernel doesn't perform any validation of the values being passed to this method.
Not necessary, I will commit a patch for this, thanks for the report!
@gnif I'm sorry, there is a typo in my issue: it may cause an overflow vulnerability, not an XXE vulnerability. By the way, as it may cause some dangerous results, maybe I can request a CVEID?
No worries, but no, please do not request a CVEID, this is not a new vulnerability and LG is not considered a production stable tool ready for general usage at this time.
I would like to bring to your attention a potential overflow vulnerability in the latest version of LookingGlass related to the method kvmfr_vm_fault in the file module/kvmfr.c. This vulnerability bears similarities to the recently disclosed CVE-2023-2008 found in torvalds/linux. There is a need to check vmf->pgoff before using it. If not, the specific flaw may exist within a fault handler.
Could you help to check if this bug is true? If it's true, I'd like to open a PR for that if necessary. Thank you for your effort and patience!
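The kind of page-offset check this thread is about, as an added userspace model; it is not LookingGlass or kernel code and not the patch mentioned above. The function names, the FAULT_SIGBUS stand-in, the 4 KiB page size and the sample values are assumptions made for the illustration. It also shows why the comparison belongs in page units before the offset is shifted.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12      /* assumption: 4 KiB pages */
#define FAULT_SIGBUS (-1)    /* stand-in for returning VM_FAULT_SIGBUS */

/* Flawed pattern: shift first, then compare in bytes. The shift wraps
 * modulo 2^64, so a huge page offset can fold back into the valid range.
 * Returns 1 if the fault would be accepted. */
static int naive_byte_check(uint64_t region_size, uint64_t pgoff)
{
    uint64_t off = pgoff << PAGE_SHIFT;
    return off < region_size;
}

/* Checked pattern: compare in page units before any arithmetic.
 * Returns the byte offset into the region, or FAULT_SIGBUS.
 * Assumes region_size is page-aligned and below 2^63. */
static int64_t checked_fault_offset(uint64_t region_size, uint64_t pgoff)
{
    uint64_t npages = region_size >> PAGE_SHIFT;

    if (pgoff >= npages)
        return FAULT_SIGBUS;
    /* pgoff < npages, so (pgoff << PAGE_SHIFT) < region_size: no wrap. */
    return (int64_t)(pgoff << PAGE_SHIFT);
}

int main(void)
{
    /* Constructed sample data: a 16-page region and four page offsets. */
    const uint64_t size = 16ULL << PAGE_SHIFT;
    const uint64_t samples[] = { 0, 15, 16, (1ULL << 52) + 3 };

    for (unsigned i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("pgoff=%llu naive_accepts=%d checked=%lld\n",
               (unsigned long long)samples[i],
               naive_byte_check(size, samples[i]),
               (long long)checked_fault_offset(size, samples[i]));
    return 0;
}
```
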