On 01/22/2014 03:52 AM, Daniel P. Berrange wrote:
> On Tue, Jan 21, 2014 at 10:47:07AM -0700, Eric Blake wrote:
>> I noticed that we allow virDomainGetVcpusFlags even for read-only
>> connections, but that with a flag, it can require guest agent
>> interaction. It is feasible that a malicious gues
On Tue, Jan 21, 2014 at 10:47:07AM -0700, Eric Blake wrote:
> I noticed that we allow virDomainGetVcpusFlags even for read-only
> connections, but that with a flag, it can require guest agent
> interaction. It is feasible that a malicious guest could
> intentionally abuse the replies it sends over
I noticed that we allow virDomainGetVcpusFlags even for read-only
connections, but that with a flag, it can require guest agent
interaction. It is feasible that a malicious guest could
intentionally abuse the replies it sends over the guest agent
connection to possibly trigger a bug in libvirt's J