diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch b/meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch new file mode 100644 index 0000000000..0e11ad288c --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2019-3812.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | From b664d9d003d1a98642dcfb8e6fceef6dbf3d52d8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Gerd Hoffmann <kraxel@redhat.com> | ||
3 | Date: Tue, 8 Jan 2019 11:23:01 +0100 | ||
4 | Subject: [PATCH] i2c-ddc: fix oob read | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Suggested-by: Michael Hanselmann <public@hansmi.ch> | ||
10 | Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> | ||
11 | Reviewed-by: Michael Hanselmann <public@hansmi.ch> | ||
12 | Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> | ||
13 | Message-id: 20190108102301.1957-1-kraxel@redhat.com | ||
14 | |||
15 | CVE: CVE-2019-3812 | ||
16 | Upstream-Status: Backport | ||
17 | [https://git.qemu.org/?p=qemu.git;a=commit;h=b05b267840515730dbf6753495d5b7bd8b04ad1c] | ||
18 | |||
19 | Signed-off-by: Dan Tran <dantran@microsoft.com> | ||
20 | --- | ||
21 | hw/i2c/i2c-ddc.c | 2 +- | ||
22 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
23 | |||
24 | diff --git a/hw/i2c/i2c-ddc.c b/hw/i2c/i2c-ddc.c | ||
25 | index bec0c91e2d..89e659288e 100644 | ||
26 | --- a/hw/i2c/i2c-ddc.c | ||
27 | +++ b/hw/i2c/i2c-ddc.c | ||
28 | @@ -247,7 +247,7 @@ static int i2c_ddc_rx(I2CSlave *i2c) | ||
29 | I2CDDCState *s = I2CDDC(i2c); | ||
30 | |||
31 | int value; | ||
32 | - value = s->edid_blob[s->reg]; | ||
33 | + value = s->edid_blob[s->reg % sizeof(s->edid_blob)]; | ||
34 | s->reg++; | ||
35 | return value; | ||
36 | } | ||
37 | -- | ||
38 | 2.22.0.vfs.1.1.57.gbaf16c8 | ||
39 | |||