diff options
author | Sakib Sajal <sakib.sajal@windriver.com> | 2021-08-20 16:55:19 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-09-01 16:27:09 +0100 |
commit | 4bd52d64c9581cc9a87a0b6b113575881566e5fc (patch) | |
tree | 84815aa7498a42d6df70817d6b270d0c03b72e89 /meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch | |
parent | 474c37c17ee8c8938de58d03e71e9f6a67ed4471 (diff) | |
download | poky-4bd52d64c9581cc9a87a0b6b113575881566e5fc.tar.gz |
qemu: fix CVE-2021-3416
Source: poky.org
MR: 109686
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?h=hardknott&id=381aebe82f1f6fcc26b47966bc8520dbb1476961
ChangeID: 50b1589249cc3c595d224e3a8347da2b54339ef8
Description:
Drop CVE-2021-3416_4.patch as hw/net/msf2-emac.c does not exist in 4.2.0
(From OE-Core rev: 7a3ce8a79a6c682e1b38f757eb68534e0ce5589d)
(From OE-Core rev: 44bb99fdd1a7eee78078f7d48b9b8aad729f84ec)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e2b5bc11d1b26b73b62e1a63cb75572793282dcb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 381aebe82f1f6fcc26b47966bc8520dbb1476961)
[Drop CVE-2021-3416_4.patch, affected file does not exist in 4.2.0]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch new file mode 100644 index 0000000000..b3b702cca4 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3416_7.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | From 64b38675c728354e4015e4bec3d975cd4cb8a981 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alexander Bulekov <alxndr@bu.edu> | ||
3 | Date: Fri, 26 Feb 2021 13:47:53 -0500 | ||
4 | Subject: [PATCH 07/10] rtl8139: switch to use qemu_receive_packet() for | ||
5 | loopback | ||
6 | MIME-Version: 1.0 | ||
7 | Content-Type: text/plain; charset=UTF-8 | ||
8 | Content-Transfer-Encoding: 8bit | ||
9 | |||
10 | This patch switches to use qemu_receive_packet() which can detect | ||
11 | reentrancy and return early. | ||
12 | |||
13 | This is intended to address CVE-2021-3416. | ||
14 | |||
15 | Cc: Prasad J Pandit <ppandit@redhat.com> | ||
16 | Cc: qemu-stable@nongnu.org | ||
17 | Buglink: https://bugs.launchpad.net/qemu/+bug/1910826 | ||
18 | Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com | ||
19 | Signed-off-by: Alexander Bulekov <alxndr@bu.edu> | ||
20 | Signed-off-by: Jason Wang <jasowang@redhat.com> | ||
21 | |||
22 | Upstream-Status: Backport [5311fb805a4403bba024e83886fa0e7572265de4] | ||
23 | CVE: CVE-2021-3416 | ||
24 | |||
25 | Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> | ||
26 | --- | ||
27 | hw/net/rtl8139.c | 2 +- | ||
28 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
29 | |||
30 | Index: qemu-4.2.0/hw/net/rtl8139.c | ||
31 | =================================================================== | ||
32 | --- qemu-4.2.0.orig/hw/net/rtl8139.c | ||
33 | +++ qemu-4.2.0/hw/net/rtl8139.c | ||
34 | @@ -1793,7 +1793,7 @@ static void rtl8139_transfer_frame(RTL81 | ||
35 | } | ||
36 | |||
37 | DPRINTF("+++ transmit loopback mode\n"); | ||
38 | - rtl8139_do_receive(qemu_get_queue(s->nic), buf, size, do_interrupt); | ||
39 | + qemu_receive_packet(qemu_get_queue(s->nic), buf, size); | ||
40 | |||
41 | if (iov) { | ||
42 | g_free(buf2); | ||