Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840

From:	Amos Kong
Subject:	Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840
Date:	Tue, 9 Dec 2014 07:32:50 +0800
User-agent:	Mutt/1.5.23 (2014-03-12)

On Wed, Nov 12, 2014 at 11:44:35AM +0200, Michael S. Tsirkin wrote:
> This patchset fixes CVE-2014-7840: invalid
> migration stream can cause arbitrary qemu memory
> overwrite.
> First patch includes the minimal fix for the issue.
> Follow-up patches on top add extra checking to reduce the
> chance this kind of bug recurs.
> 
> Note: these are already (tentatively-pending review)
> queued in my tree, so only review/ack
> is necessary.
> 
> Michael S. Tsirkin (4):

Reviewed-by: Amos Kong <address@hidden>

>   migration: fix parameter validation on ram load
>   exec: add wrapper for host pointer access
>   cpu: assert host pointer offset within block
>   cpu: verify that block->host is set
> 
>  include/exec/cpu-all.h |  7 +++++++
>  arch_init.c            |  5 +++--
>  exec.c                 | 10 +++++-----
>  3 files changed, 15 insertions(+), 7 deletions(-)
> 
> -- 
> MST
> 

-- 
                        Amos.

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840, Amos Kong <=
- Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840, Amit Shah, 2014/12/09

Prev by Date: Re: [Qemu-devel] [PATCH v2] arm: add fw_cfg to "virt" board
Next by Date: Re: [Qemu-devel] [PATCH v2] arm: add fw_cfg to "virt" board
Previous by thread: [Qemu-devel] [PATCHv3 0/5] Add support for SDHCI PCI devices
Next by thread: Re: [Qemu-devel] [PATCH 0/4] migration: fix CVE-2014-7840
Index(es):
- Date
- Thread