diff options
author | Chee Yang Lee <chee.yang.lee@intel.com> | 2023-03-21 11:40:23 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-04-01 20:23:23 +0100 |
commit | 72707c04e10248640328dd39afe55ba08195965d (patch) | |
tree | 9d675807dc06d19e792546938aa2e5f929092490 /meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch | |
parent | f76c7b8e6366129a2550417ed6f091717d897a81 (diff) | |
download | poky-72707c04e10248640328dd39afe55ba08195965d.tar.gz |
qemu: fix multple CVEs
import patches from ubuntu to fix
CVE-2020-15469
CVE-2020-15859
CVE-2020-17380
CVE-2020-35504
CVE-2020-35505
CVE-2021-3409
CVE-2022-26354
https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches?h=ubuntu/focal-security
Combine patches for both CVE-2020-25085 and CVE-2021-3409 also fix CVE-2020-17380.
so mark CVE-2020-17380 fixed by CVE-2021-3409 patches. CVE-2020-17380 patch backported since
oecore rev 6b4c58a31ec11e557d40c31f2532985dd53e61eb.
(From OE-Core rev: 3ee2e9027d57dd5ae9f8795436c1acd18a9f1e24)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch new file mode 100644 index 0000000000..85abe8ff32 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-15469-3.patch | |||
@@ -0,0 +1,49 @@ | |||
1 | From 24202d2b561c3b4c48bd28383c8c34b4ac66c2bf Mon Sep 17 00:00:00 2001 | ||
2 | From: Prasad J Pandit <pjp@fedoraproject.org> | ||
3 | Date: Tue, 11 Aug 2020 17:11:27 +0530 | ||
4 | Subject: [PATCH] vfio: add quirk device write method | ||
5 | |||
6 | Add vfio quirk device mmio write method to avoid NULL pointer | ||
7 | dereference issue. | ||
8 | |||
9 | Reported-by: Lei Sun <slei.casper@gmail.com> | ||
10 | Reviewed-by: Li Qiang <liq3ea@gmail.com> | ||
11 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
12 | Acked-by: Alex Williamson <alex.williamson@redhat.com> | ||
13 | Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> | ||
14 | Message-Id: <20200811114133.672647-4-ppandit@redhat.com> | ||
15 | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> | ||
16 | |||
17 | CVE: CVE-2020-15469 | ||
18 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/qemu/tree/debian/patches/CVE-2020-15469-3.patch?h=ubuntu/focal-security Upstream commit https://github.com/qemu/qemu/commit/24202d2b561c3b4c48bd28383c8c34b4ac66c2bf] | ||
19 | Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> | ||
20 | --- | ||
21 | hw/vfio/pci-quirks.c | 8 ++++++++ | ||
22 | 1 file changed, 8 insertions(+) | ||
23 | |||
24 | --- a/hw/vfio/pci-quirks.c | ||
25 | +++ b/hw/vfio/pci-quirks.c | ||
26 | @@ -13,6 +13,7 @@ | ||
27 | #include "qemu/osdep.h" | ||
28 | #include "exec/memop.h" | ||
29 | #include "qemu/units.h" | ||
30 | +#include "qemu/log.h" | ||
31 | #include "qemu/error-report.h" | ||
32 | #include "qemu/main-loop.h" | ||
33 | #include "qemu/module.h" | ||
34 | @@ -278,8 +279,15 @@ static uint64_t vfio_ati_3c3_quirk_read( | ||
35 | return data; | ||
36 | } | ||
37 | |||
38 | +static void vfio_ati_3c3_quirk_write(void *opaque, hwaddr addr, | ||
39 | + uint64_t data, unsigned size) | ||
40 | +{ | ||
41 | + qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid access\n", __func__); | ||
42 | +} | ||
43 | + | ||
44 | static const MemoryRegionOps vfio_ati_3c3_quirk = { | ||
45 | .read = vfio_ati_3c3_quirk_read, | ||
46 | + .write = vfio_ati_3c3_quirk_write, | ||
47 | .endianness = DEVICE_LITTLE_ENDIAN, | ||
48 | }; | ||
49 | |||