From 902b27d0b8d5bfa840eaf389d7cbcc28b57e3fbe Mon Sep 17 00:00:00 2001 From: aurel32 Date: Tue, 11 Mar 2008 17:17:59 +0000 Subject: Fix CVE-2008-0928 - insufficient block device address range checking Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4037 c046a42c-6fe2-441c-8c8c-71466251a162 --- block_int.h | 1 + 1 file changed, 1 insertion(+) (limited to 'block_int.h') diff --git a/block_int.h b/block_int.h index 137000e140..27e90b87e1 100644 --- a/block_int.h +++ b/block_int.h @@ -97,6 +97,7 @@ struct BlockDriverState { int locked; /* if true, the media cannot temporarily be ejected */ int encrypted; /* if true, the media is encrypted */ int sg; /* if true, the device is a /dev/sg* */ + int autogrow; /* if true, the backing store can auto-extend to allocate new extents */ /* event callback when inserting/removing */ void (*change_cb)(void *opaque); void *change_opaque; -- cgit v1.2.3