[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v3 0/5] vmware-vga: fix CVE-2014-3689
|
From: |
Gerd Hoffmann |
|
Subject: |
[Qemu-devel] [PATCH v3 0/5] vmware-vga: fix CVE-2014-3689 |
|
Date: |
Tue, 28 Oct 2014 10:50:37 +0100 |
Hi,
vmware-vga emulation lacks sanity checks in the hardware acceleration
(blit + fill) functions. This patch series plugs the holes.
v3 changes:
* throw badcmd errors in case the rectangles fail the sanity checks.
v2 changes:
* small whitespace fixup.
* do fullscreen update on invalid update requests.
cheers,
Gerd
Gerd Hoffmann (5):
vmware-vga: CVE-2014-3689: turn off hw accel
vmware-vga: add vmsvga_verify_rect
vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect
vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect
vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect
hw/display/vmware_vga.c | 116 ++++++++++++++++++++++++++++++++----------------
1 file changed, 78 insertions(+), 38 deletions(-)
--
1.8.3.1
- [Qemu-devel] [PATCH v3 0/5] vmware-vga: fix CVE-2014-3689,
Gerd Hoffmann <=
- [Qemu-devel] [PATCH v3 3/5] vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect, Gerd Hoffmann, 2014/10/28
- [Qemu-devel] [PATCH v3 4/5] vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect, Gerd Hoffmann, 2014/10/28
- [Qemu-devel] [PATCH v3 5/5] vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect, Gerd Hoffmann, 2014/10/28
- [Qemu-devel] [PATCH v3 2/5] vmware-vga: add vmsvga_verify_rect, Gerd Hoffmann, 2014/10/28
- [Qemu-devel] [PATCH v3 1/5] vmware-vga: CVE-2014-3689: turn off hw accel, Gerd Hoffmann, 2014/10/28
- Re: [Qemu-devel] [PATCH v3 0/5] vmware-vga: fix CVE-2014-3689, Don Koch, 2014/10/28