From bc9ee542aab4cbdf620906ed4a46b6e9f13c2ec6 Mon Sep 17 00:00:00 2001
From: "Huawei Technologies Co., Ltd"
Date: Wed, 14 Oct 2020 17:23:54 +0800
Subject: [PATCH] qemu: agent: set ifname to NULL after freeing
CVE-2020-25637
Signed-off-by: Jan Tomko
Rported-by: Ilja Van Sprundel
Reviewed-by: Mauro Matteo Cascella
Reviewed-by: Jiri Denemark
cherry-pick from commit a63b48c5ecef077bf0f909a85f453a605600cf05
Signed-off-by: Jiajie Li
---
...ent-set-ifname-to-NULL-after-freeing.patch | 33 +++++++++++++++++++
1 file changed, 33 insertions(+)
create mode 100644 qemu-agent-set-ifname-to-NULL-after-freeing.patch
diff --git a/qemu-agent-set-ifname-to-NULL-after-freeing.patch b/qemu-agent-set-ifname-to-NULL-after-freeing.patch
new file mode 100644
index 0000000..6eb5de2
--- /dev/null
+++ b/qemu-agent-set-ifname-to-NULL-after-freeing.patch
@@ -0,0 +1,33 @@
+From 0133001d6c4cdc25f6f8b8453c60c94296336576 Mon Sep 17 00:00:00 2001
+From: Jan Tomko
+Date: Wed, 14 Oct 2020 17:23:54 +0800
+Subject: [PATCH] qemu: agent: set ifname to NULL after freeing
+
+CVE-2020-25637
+
+Signed-off-by: Jan Tomko
+Rported-by: Ilja Van Sprundel
+Reviewed-by: Mauro Matteo Cascella
+Reviewed-by: Jiri Denemark
+
+cherry-pick from commit a63b48c5ecef077bf0f909a85f453a605600cf05
+Signed-off-by: Jiajie Li
+---
+ src/qemu/qemu_agent.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
+index d7fcc869c6..31d3268d42 100644
+--- a/src/qemu/qemu_agent.c
++++ b/src/qemu/qemu_agent.c
+@@ -2166,6 +2166,7 @@ qemuAgentGetInterfaces(qemuAgentPtr agent,
+
+ /* Has to be freed for each interface. */
+ virStringListFree(ifname);
++ ifname = NULL;
+
+ /* as well as IP address which - moreover -
+ * can be presented multiple times */
+--
+2.23.0
+
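Review bot: Nothing in this commit wires the new `qemu-agent-set-ifname-to-NULL-after-freeing.patch` into the build: the diffstat shows 1 file changed, and that file is the patch itself. If this is a packaging repository where patches are listed explicitly, the CVE-2020-25637 fix stays unapplied until the build recipe references it, e.g. `PatchNNNN: qemu-agent-set-ifname-to-NULL-after-freeing.patch` plus a changelog entry (NNNN is a placeholder), ideally in this same commit so the tree never claims a fix it does not ship. The carried hunk itself only shows `ifname = NULL;` after `virStringListFree(ifname);`; the second free it guards against lies in the part of `qemuAgentGetInterfaces` outside the hunk, so it is worth confirming the patch applies at the intended place in the packaged libvirt version rather than with fuzz. From memory, upstream's fix for this CVE was a short series that also tightened the ACL check on the agent-backed interface-addresses call; please confirm whether those companion commits are carried as well.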