diff options
author | Adrian Dudau <adrian.dudau@enea.com> | 2016-11-03 14:18:00 +0100 |
---|---|---|
committer | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-02-10 12:21:36 +0100 |
commit | ad13ebb1a522389441b526ddf11301761e7c3938 (patch) | |
tree | ee98b2ee94835c04abaeb95676597732df0d27b6 /meta/recipes-sato/pcmanfm/pcmanfm_1.2.4.bb | |
parent | a1533cc9b6bf6e555bdec1ecaac6e49437402e5c (diff) | |
download | poky-ad13ebb1a522389441b526ddf11301761e7c3938.tar.gz |
qemu: Security fix CVE-2016-4439
affects qemu < 2.7.0
Quick Emulator(Qemu) built with the ESP/NCR53C9x controller emulation
support is vulnerable to an OOB write access issue. The controller uses
16-byte FIFO buffer for command and data transfer. The OOB write occurs
while writing to this command buffer in routine get_cmd().
A privileged user inside guest could use this flaw to crash the Qemu
process resulting in DoS.
References:
----------
http://www.openwall.com/lists/oss-security/2016/05/19/4
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4441
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'meta/recipes-sato/pcmanfm/pcmanfm_1.2.4.bb')
0 files changed, 0 insertions, 0 deletions