qemu: Security fix CVE-2016-4952 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Adrian Dudau <adrian.dudau@enea.com>	2016-11-03 14:18:01 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-05-18 13:14:20 +0100
commit	047e58b4ba57baf68d07d99a9a0eb3d7d1cab784 (patch)
tree	dbe437a97cf0957d9aef739eb40f4e4014059e2e /meta/recipes-graphics/wayland/weston_1.9.0.bb
parent	485e244db8cc7d2c421e60a1ad3a2415a30852ee (diff)
download	poky-047e58b4ba57baf68d07d99a9a0eb3d7d1cab784.tar.gz

qemu: Security fix CVE-2016-4952

affects qemu < 2.7.0 Quick Emulator(Qemu) built with the VMWARE PVSCSI paravirtual SCSI bus emulation support is vulnerable to an OOB r/w access issue. It could occur while processing SCSI commands 'PVSCSI_CMD_SETUP_RINGS' or 'PVSCSI_CMD_SETUP_MSG_RING'. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. References: ---------- http://www.openwall.com/lists/oss-security/2016/05/23/1 (From OE-Core rev: 3d6b4fd6bc4338b139ebcaf51b67c56cc97ba2ed) Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-graphics/wayland/weston_1.9.0.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: