[Qemu-devel] [Bug 1736376] [NEW] CVE-2017-7471 repeated?

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [Bug 1736376] [NEW] CVE-2017-7471 repeated?

From:	Rooney
Subject:	[Qemu-devel] [Bug 1736376] [NEW] CVE-2017-7471 repeated?
Date:	Tue, 05 Dec 2017 10:32:55 -0000

Public bug reported:

In the hw/9pfs/9p-proxy.c file I can see the following which is changed
because of CVE-2017-7471 in the hw/9pfs/9p-local.c. I might be wrong but
I guess that should be changed as well.

if(dir_path){
v9fs_path_sprintf(target,"%s/%s",dir_path->data,name);
}
else{
v9fs_path_sprintf(target,"%s",name);
}

** Affects: qemu
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1736376

Title:
  CVE-2017-7471 repeated?

Status in QEMU:
  New

Bug description:
  In the hw/9pfs/9p-proxy.c file I can see the following which is
  changed because of CVE-2017-7471 in the hw/9pfs/9p-local.c. I might be
  wrong but I guess that should be changed as well.

  if(dir_path){
  v9fs_path_sprintf(target,"%s/%s",dir_path->data,name);
  }
  else{
  v9fs_path_sprintf(target,"%s",name);
  }

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1736376/+subscriptions

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [Bug 1736376] [NEW] CVE-2017-7471 repeated?, Rooney <=
- [Qemu-devel] [Bug 1736376] Re: CVE-2017-7471 repeated?, Greg Kurz, 2017/12/05

Prev by Date: Re: [Qemu-devel] [virtio-dev] [PATCH v3 0/7] Vhost-pci for inter-VM communication
Next by Date: [Qemu-devel] [PATCH 0/9] blockdev: fix QMP 'transaction' with IOThreads
Previous by thread: Re: [Qemu-devel] [PATCH 09/17] e500: move mpic under CCSR
Next by thread: [Qemu-devel] [Bug 1736376] Re: CVE-2017-7471 repeated?
Index(es):
- Date
- Thread