diff options
author | Adrian Dudau <adrian.dudau@enea.com> | 2016-11-03 14:18:01 +0100 |
---|---|---|
committer | Sona Sarmadi <sona.sarmadi@enea.com> | 2017-02-10 12:21:36 +0100 |
commit | 10bef78e2135fb191166e3893cc4a1326deede8c (patch) | |
tree | 6a043f57ba9b01189c4eca279b88ebef21a51219 /scripts/gen-site-config | |
parent | ad13ebb1a522389441b526ddf11301761e7c3938 (diff) | |
download | poky-10bef78e2135fb191166e3893cc4a1326deede8c.tar.gz |
qemu: Security fix CVE-2016-4952
affects qemu < 2.7.0
Quick Emulator(Qemu) built with the VMWARE PVSCSI paravirtual SCSI bus
emulation support is vulnerable to an OOB r/w access issue. It could
occur while processing SCSI commands 'PVSCSI_CMD_SETUP_RINGS' or
'PVSCSI_CMD_SETUP_MSG_RING'.
A privileged user inside guest could use this flaw to crash the Qemu
process resulting in DoS.
References:
----------
http://www.openwall.com/lists/oss-security/2016/05/23/1
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'scripts/gen-site-config')
0 files changed, 0 insertions, 0 deletions