diff options
| author | Chee Yang Lee <chee.yang.lee@intel.com> | 2023-03-21 11:40:23 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-04-01 20:23:23 +0100 |
| commit | 72707c04e10248640328dd39afe55ba08195965d (patch) | |
| tree | 9d675807dc06d19e792546938aa2e5f929092490 /meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch | |
| parent | f76c7b8e6366129a2550417ed6f091717d897a81 (diff) | |
| download | poky-72707c04e10248640328dd39afe55ba08195965d.tar.gz | |
qemu: fix multple CVEs
import patches from ubuntu to fix
CVE-2020-15469
CVE-2020-15859
CVE-2020-17380
CVE-2020-35504
CVE-2020-35505
CVE-2021-3409
CVE-2022-26354
https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches?h=ubuntu/focal-security
Combine patches for both CVE-2020-25085 and CVE-2021-3409 also fix CVE-2020-17380.
so mark CVE-2020-17380 fixed by CVE-2021-3409 patches. CVE-2020-17380 patch backported since
oecore rev 6b4c58a31ec11e557d40c31f2532985dd53e61eb.
(From OE-Core rev: 3ee2e9027d57dd5ae9f8795436c1acd18a9f1e24)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch')
| -rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch new file mode 100644 index 0000000000..20f39f0a26 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-1.patch | |||
| @@ -0,0 +1,50 @@ | |||
| 1 | From 520f26fc6d17b71a43eaf620e834b3bdf316f3d3 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Prasad J Pandit <pjp@fedoraproject.org> | ||
| 3 | Date: Tue, 11 Aug 2020 17:11:25 +0530 | ||
| 4 | Subject: [PATCH] hw/pci-host: add pci-intack write method | ||
| 5 | |||
| 6 | Add pci-intack mmio write method to avoid NULL pointer dereference | ||
| 7 | issue. | ||
| 8 | |||
| 9 | Reported-by: Lei Sun <slei.casper@gmail.com> | ||
| 10 | Reviewed-by: Li Qiang <liq3ea@gmail.com> | ||
| 11 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 12 | Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> | ||
| 13 | Message-Id: <20200811114133.672647-2-ppandit@redhat.com> | ||
| 14 | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> | ||
| 15 | |||
| 16 | CVE: CVE-2020-15469 | ||
| 17 | Upstream-Status: Backport [import from ubuntu | ||
| 18 | https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches/CVE-2020-15469-1.patch?h=ubuntu/focal-security | ||
| 19 | Upstream commit https://github.com/qemu/qemu/commit/520f26fc6d17b71a43eaf620e834b3bdf316f3d3 ] | ||
| 20 | Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> | ||
| 21 | --- | ||
| 22 | hw/pci-host/prep.c | 8 ++++++++ | ||
| 23 | 1 file changed, 8 insertions(+) | ||
| 24 | |||
| 25 | --- a/hw/pci-host/prep.c | ||
| 26 | +++ b/hw/pci-host/prep.c | ||
| 27 | @@ -26,6 +26,7 @@ | ||
| 28 | #include "qemu/osdep.h" | ||
| 29 | #include "qemu-common.h" | ||
| 30 | #include "qemu/units.h" | ||
| 31 | +#include "qemu/log.h" | ||
| 32 | #include "qapi/error.h" | ||
| 33 | #include "hw/pci/pci.h" | ||
| 34 | #include "hw/pci/pci_bus.h" | ||
| 35 | @@ -119,8 +120,15 @@ static uint64_t raven_intack_read(void * | ||
| 36 | return pic_read_irq(isa_pic); | ||
| 37 | } | ||
| 38 | |||
| 39 | +static void raven_intack_write(void *opaque, hwaddr addr, | ||
| 40 | + uint64_t data, unsigned size) | ||
| 41 | +{ | ||
| 42 | + qemu_log_mask(LOG_UNIMP, "%s not implemented\n", __func__); | ||
| 43 | +} | ||
| 44 | + | ||
| 45 | static const MemoryRegionOps raven_intack_ops = { | ||
| 46 | .read = raven_intack_read, | ||
| 47 | + .write = raven_intack_write, | ||
| 48 | .valid = { | ||
| 49 | .max_access_size = 1, | ||
| 50 | }, | ||