qemu: CVE-2018-12617 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>	2018-08-22 17:11:47 +0530
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-08-29 15:23:51 +0100
commit	d82d8d431544225d7f664b16dd34878d71e86a4f (patch)
tree	440df7d34937728b34d8d99ebc34312c6bd1621c /meta-yocto-bsp
parent	2ef1650794724a6cd6b0a6ac44024bbc8ed824a6 (diff)
download	poky-d82d8d431544225d7f664b16dd34878d71e86a4f.tar.gz

qemu: CVE-2018-12617

qga: check bytes count read by guest-file-read While reading file content via 'guest-file-read' command, 'qmp_guest_file_read' routine allocates buffer of count+1 bytes. It could overflow for large values of 'count'. Add check to avoid it. Affects qemu < v3.0.0 (From OE-Core rev: a11c8ee86007f7f7a34b9dc29d01acc323b71873) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta-yocto-bsp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: