[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bound
|
From: |
Laszlo Ersek |
|
Subject: |
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start |
|
Date: |
Wed, 27 Jan 2016 19:35:46 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 |
Hello Jason,
On 01/22/16 07:15, Jason Wang wrote:
>
>
> On 01/22/2016 02:11 PM, Michael Tokarev wrote:
>> 22.01.2016 06:09, Jason Wang wrote:
>>> On 01/19/2016 09:17 PM, Laszlo Ersek wrote:
>>>> The start_xmit() and e1000_receive_iov() functions implement DMA transfers
>>>> iterating over a set of descriptors that the guest's e1000 driver
>>>> prepares:
>> ...
>>> Applied in my -net.
>> This is CVE-2016-1981, btw.
>>
>> /mjt
>>
>
> Add this into commit log.
do you plan to send a PULL req soon? The patch is not really urgent, but
it would help me move forward with my queue.
Thanks!
Laszlo