]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d32af02) | patch
qemu: Security fix CVE-2016-4439
authorAdrian Dudau <adrian.dudau@enea.com>
Thu, 3 Nov 2016 13:18:00 +0000 (14:18 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 18 May 2017 12:13:34 +0000 (13:13 +0100)
commit1bc071172236ea020cac9db96e33de81950a15ff
treea0931bab19520b1493cbf1e7bb2d09e760499e49tree | snapshot
parentd32af0298ddfa88478f485aaffe2d36c69e1d9d6commit | diff
qemu: Security fix CVE-2016-4439

affects qemu < 2.7.0

Quick Emulator(Qemu) built with the ESP/NCR53C9x controller emulation
support is vulnerable to an OOB write access issue. The controller uses
16-byte FIFO buffer for command and data transfer. The OOB write occurs
while writing to this command buffer in routine get_cmd().

A privileged user inside guest could use this flaw to crash the Qemu
process resulting in DoS.

References:
----------
http://www.openwall.com/lists/oss-security/2016/05/19/4
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4441

Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/qemu/qemu/CVE-2016-4441.patch [new file with mode: 0644] blob
meta/recipes-devtools/qemu/qemu_2.5.0.bb diff | blob | history
Mirror of the official openembedded-core repository