A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to gain escalated privileges.
The vulnerability is caused due to SG_IO SCSI IOCTL commands being passed down to the block device without properly honoring access restrictions to e.g. single partitions or LVM volumes. This can e.g. be exploited by a privileged guest user in certain virtualisation setups to read from or write to the host's block device.
Solution: Restrict access to trusted users only.
Provided and/or discovered by: Paolo Bonzini, Red Hat
Original Advisory: Paolo Bonzini:
Red Hat bug #752375:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Linux Kernel "SG_IO" SCSI IOCTL Privilege Escalation Vulnerability