Re: Is this really a CVE? - buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796)

On Tue, Apr 2, 2013 at 11:05 PM, Florian Beck wrote: > The CVE-2013-1796 > (https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=c300aa64ddf57d9c5d9c898a64b36877345dd4a9) > reports a possibility of host memory corruption. > I see that this could lead into corruption of guest kernel memory, > bu

Is this really a CVE? - buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796)

The CVE-2013-1796 (https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=c300aa64ddf57d9c5d9c898a64b36877345dd4a9) reports a possibility of host memory corruption. I see that this could lead into corruption of guest kernel memory, but how could be the wrong aligned address reported by guest corru