Please put the following patch: [PATCH] xen/blkback: Check device permissions before allowing
in your tree for Linus. It fixes CVE-2013-2140. The bug is that if a system admin provides a disk (which supports the discard aka TRIM or SCSI UNMAP) to a guest as read-only - there are no checks done. Which means that the OS can destroy the data. The likehood of somebody using 'ro' disks I think is small - but there is probably one person who does it and would be unhappy that a guest OS can destroy the underlaying data. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
