[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bound
From: |
Laszlo Ersek |
Subject: |
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start |
Date: |
Thu, 28 Jan 2016 12:09:51 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 |
On 01/28/16 06:47, Jason Wang wrote:
>
>
> On 01/28/2016 02:35 AM, Laszlo Ersek wrote:
>> Hello Jason,
>>
>> On 01/22/16 07:15, Jason Wang wrote:
>>>
>>> On 01/22/2016 02:11 PM, Michael Tokarev wrote:
>>>> 22.01.2016 06:09, Jason Wang wrote:
>>>>> On 01/19/2016 09:17 PM, Laszlo Ersek wrote:
>>>>>> The start_xmit() and e1000_receive_iov() functions implement DMA
>>>>>> transfers
>>>>>> iterating over a set of descriptors that the guest's e1000 driver
>>>>>> prepares:
>>>> ...
>>>>> Applied in my -net.
>>>> This is CVE-2016-1981, btw.
>>>>
>>>> /mjt
>>>>
>>> Add this into commit log.
>> do you plan to send a PULL req soon? The patch is not really urgent, but
>> it would help me move forward with my queue.
>>
>> Thanks!
>> Laszlo
>>
>
> Plan to send it next Tuesday. But if you wish, I can send it tomorrow.
Next Tuesday is perfectly fine, thank you!
Laszlo