[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [CVE-2014-3615 PATCH v2 0/3] vbe: bochs dispi interface fix
|
From: |
Gerd Hoffmann |
|
Subject: |
[Qemu-devel] [CVE-2014-3615 PATCH v2 0/3] vbe: bochs dispi interface fixes |
|
Date: |
Thu, 4 Sep 2014 09:04:30 +0200 |
Hi,
Two fixes for the bochs dispi interface, one of them fixing a minor
security issue.
New in v2: Got a CVE number. Investigation & patch review found a
related issue in the spice code, so there is an additional patch.
/me plans to send a pull tomorrow, so this can go in fast enougth for
being cherry-picked into stable for the qemu 2.1.1 release.
please review,
Gerd
Gerd Hoffmann (3):
vbe: make bochs dispi interface return the correct memory size with
qxl
vbe: rework sanity checks
spice: make sure we don't overflow ssd->buf
hw/display/qxl.c | 1 +
hw/display/vga.c | 159 ++++++++++++++++++++++++++++++++-------------------
hw/display/vga_int.h | 1 +
ui/spice-display.c | 16 ++++--
4 files changed, 113 insertions(+), 64 deletions(-)
--
1.8.3.1
- [Qemu-devel] [CVE-2014-3615 PATCH v2 0/3] vbe: bochs dispi interface fixes,
Gerd Hoffmann <=