packages/qemu - qemu - OEPKGS Git Repository for openEuler 24.03 LTS SP1 Template

packages/qemu

Fork 0

Commit Graph

Author	SHA1	Message	Date
Alex Chen	abe003640c	slirp: check pkt_len before reading protocol header While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input' routines, ensure that pkt_len is large enough to accommodate the respective protocol headers, lest it should do an OOB access. Add check to avoid it. CVE-2020-29129 CVE-2020-29130 QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets -> https://www.openwall.com/lists/oss-security/2020/11/27/1 Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-Id: <20201126135706.273950-1-ppandit@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> (cherry-picked from 2e1dcbc0) Signed-off-by: Alex Chen <alex.chen@huawei.com>	2020-12-14 18:00:31 +08:00

Author

SHA1

Message

Date

Alex Chen

abe003640c

slirp: check pkt_len before reading protocol header

While processing ARP/NCSI packets in 'arp_input' or 'ncsi_input'
routines, ensure that pkt_len is large enough to accommodate the
respective protocol headers, lest it should do an OOB access.
Add check to avoid it.

CVE-2020-29129 CVE-2020-29130
  QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets
 -> https://www.openwall.com/lists/oss-security/2020/11/27/1

Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20201126135706.273950-1-ppandit@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
(cherry-picked from 2e1dcbc0)
Signed-off-by: Alex Chen <alex.chen@huawei.com>

2020-12-14 18:00:31 +08:00

1 Commits