From: Philippe Mathieu-Daudé
Subject: Re: [PATCH v2] ide: atapi: check logical block address and read size (CVE-2020-29443)
Date: Mon, 18 Jan 2021 10:49:26 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0

On 1/18/21 7:32 AM, P J P wrote:
> From: Prasad J Pandit <pjp@fedoraproject.org>
>
> While processing ATAPI cmd_read/cmd_read_cd commands,
> Logical Block Address (LBA) may be invalid OR closer to the last block,
> leading to OOB access issues. Add range check to avoid it.
>
> Fixes: CVE-2020-29443
> Reported-by: Wenxiang Qian <leonwxqian@gmail.com>
> Fix-suggested-by: Paolo Bonzini <pbonzini@redhat.com>
"Suggested-by"
> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
> ---
> hw/ide/atapi.c | 30 ++++++++++++++++++++++++------
> 1 file changed, 24 insertions(+), 6 deletions(-)