packages/qemu - qemu - OEPKGS Git Repository for openEuler 24.03 LTS SP1 Template

packages/qemu

Fork 0

Commit Graph

Author	SHA1	Message	Date
Chen Qun	7ebae099e1	net: vmxnet3: validate configuration values during activate (CVE-2021-20203) fix CVE-2021-20203 #I3A34O While activating device in vmxnet3_acticate_device(), it does not validate guest supplied configuration values against predefined minimum - maximum limits. This may lead to integer overflow or OOB access issues. Add checks to avoid it. Fixes: CVE-2021-20203 Buglink: https://bugs.launchpad.net/qemu/+bug/1913873 Reported-by: Gaoning Pan <pgn@zju.edu.cn> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Signed-off-by: Jiajie Li <lijiajie11@huawei.com>	2021-03-12 16:45:10 +08:00

Author

SHA1

Message

Date

Chen Qun

7ebae099e1

net: vmxnet3: validate configuration values during activate (CVE-2021-20203)

fix CVE-2021-20203 #I3A34O

While activating device in vmxnet3_acticate_device(), it does not
validate guest supplied configuration values against predefined
minimum - maximum limits. This may lead to integer overflow or
OOB access issues. Add checks to avoid it.

Fixes: CVE-2021-20203
Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>

Signed-off-by: Jiajie Li <lijiajie11@huawei.com>

2021-03-12 16:45:10 +08:00

1 Commits