diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch new file mode 100644 index 0000000000..36cbb127f8 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3544_2.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544) | ||
2 | |||
3 | |||
4 | Check whether the 'res' has already been attach_backing to avoid | ||
5 | memory leak. | ||
6 | |||
7 | Fixes: CVE-2021-3544 | ||
8 | Reported-by: default avatarLi Qiang <liq3ea@163.com> | ||
9 | virtio-gpu fix: 204f01b3 | ||
10 | |||
11 | ("virtio-gpu: fix memory leak | ||
12 | in resource attach backing") | ||
13 | Signed-off-by: default avatarLi Qiang <liq3ea@163.com> | ||
14 | Reviewed-by: Marc-André Lureau's avatarMarc-André Lureau <marcandre.lureau@redhat.com> | ||
15 | Message-Id: <20210516030403.107723-4-liq3ea@163.com> | ||
16 | Signed-off-by: Gerd Hoffmann's avatarGerd Hoffmann <kraxel@redhat.com> | ||
17 | |||
18 | Upstream-Status: Backport | ||
19 | [vhost-user-gpu does not exist in 4.2.0 context] | ||
20 | CVE: CVE-2021-3544 | ||
21 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
22 | |||
23 | |||
24 | Index: qemu-4.2.0/contrib/vhost-user-gpu/main.c | ||
25 | =================================================================== | ||
26 | --- qemu-4.2.0.orig/contrib/vhost-user-gpu/main.c | ||
27 | +++ qemu-4.2.0/contrib/vhost-user-gpu/main.c | ||
28 | @@ -468,6 +468,11 @@ vg_resource_attach_backing(VuGpu *g, | ||
29 | return; | ||
30 | } | ||
31 | |||
32 | + if (res->iov) { | ||
33 | + cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; | ||
34 | + return; | ||
35 | + } | ||
36 | + | ||
37 | ret = vg_create_mapping_iov(g, &ab, cmd, &res->iov); | ||
38 | if (ret != 0) { | ||
39 | cmd->error = VIRTIO_GPU_RESP_ERR_UNSPEC; | ||