SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
FRET-qemu/hw
History
Prasad J Pandit 1ce084af08 net: vmxnet3: validate configuration values during activate (CVE-2021-20203) 
While activating device in vmxnet3_acticate_device(), it does not
validate guest supplied configuration values against predefined
minimum - maximum limits. This may lead to integer overflow or
OOB access issues. Add checks to avoid it.

Fixes: CVE-2021-20203
Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit d05dcd94aee88728facafb993c7280547eb4d645)
Signed-off-by: Michael Roth <michael.roth@amd.com>
2021-12-14 17:39:20 -06:00
..
9pfs
9pfs: fix crash in v9fs_walk()
2021-12-14 12:46:48 -06:00
acpi
hw/acpi/Kconfig: Add missing Kconfig dependencies (build error)
2021-07-20 15:29:27 +02:00
adc
adc: Move the max111x driver to the adc directory
2021-06-17 07:10:32 -05:00
alpha
hw/alpha: Provide a PCI-ISA bridge device node
2021-06-28 07:27:32 -07:00
arm
hw/arm/virt: Rename default_bus_bypass_iommu
2021-12-14 13:07:27 -06:00
audio
hw/audio/adlib: Remove unused variable in adlib_callback
2021-07-26 07:07:07 -10:00
avr
hw/avr/atmega.c: use the avr51 cpu for atmega1280
2021-05-13 19:11:42 +02:00
block
virtio-blk: Fix clean up of host notifiers for single MR transaction.
2021-12-14 15:10:56 -06:00
char
chardev: mark explicitly first argument as poisoned
2021-08-05 16:15:33 +04:00
core
vhost-vsock: fix migration issue when seqpacket is supported
2021-12-14 13:04:13 -06:00
cpu
cpu/core: Fix "help" of CPU core device types
2021-04-09 16:05:16 -04:00
cris
Do not include exec/address-spaces.h if it's not really necessary
2021-05-02 17:24:51 +02:00
display
hw/display/artist: Fix bug in coordinate extraction in artist_vram_read() and artist_vram_write()
2021-12-14 08:57:12 -06:00
dma
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
gpio
hw: aspeed_gpio: Fix memory size
2021-07-27 11:00:00 +01:00
hppa
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
hyperv
vmbus: Don't make QOM property registration conditional
2021-07-06 18:04:38 -04:00
i2c
i2c/smbus_eeprom: Add feature bit to SPD data
2021-07-29 10:59:49 +10:00
i386
pcie: rename 'native-hotplug' to 'x-native-hotplug'
2021-12-14 14:38:08 -06:00
ide
hw/ide/Kconfig: Add missing dependency PCI -> IDE_QDEV
2021-07-20 15:30:42 +02:00
input
Some qemu updates for IPMI and I2C
2021-07-11 14:32:49 +01:00
intc
hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
2021-07-27 10:57:39 +01:00
ipack
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
ipmi
ipmi/sim: fix watchdog_expired data type error in IPMIBmcSim struct
2021-07-08 14:15:01 -05:00
isa
hw/isa/vt82c686: Add missing Kconfig dependency (runtime error)
2021-07-20 20:10:20 +02:00
m68k
hw: m68k: virt: Add compat machine for 6.1
2021-12-14 14:23:21 -06:00
mem
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
microblaze
Do not include sysemu/sysemu.h if it's not really necessary
2021-05-02 17:24:50 +02:00
mips
hw/mips: Express dependencies of the Boston machine with Kconfig
2021-07-20 15:18:39 +02:00
misc
Some qemu updates for IPMI and I2C
2021-07-11 14:32:49 +01:00
net
net: vmxnet3: validate configuration values during activate (CVE-2021-20203)
2021-12-14 17:39:20 -06:00
nios2
Do not include cpu.h if it's not really necessary
2021-05-02 17:24:51 +02:00
nubus
hw: Do not include hw/sysbus.h if it is not necessary
2021-05-02 17:24:50 +02:00
nvme
hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947)
2021-12-14 14:52:50 -06:00
nvram
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
openrisc
Do not include exec/address-spaces.h if it's not really necessary
2021-05-02 17:24:51 +02:00
pci
pcie: rename 'native-hotplug' to 'x-native-hotplug'
2021-12-14 14:38:08 -06:00
pci-bridge
hw/pcie-root-port: Fix hotplug for PCI devices requiring IO
2021-08-03 16:31:07 -04:00
pci-host
Revert "acpi/gpex: Inform os to keep firmware resource map"
2021-08-03 16:32:34 -04:00
pcmcia
hw/pcmcia: Do not register PCMCIA type if not required
2021-05-02 17:24:50 +02:00
ppc
ppc/vof: Fix Coverity issues
2021-07-29 10:59:49 +10:00
rdma
pvrdma: Fix the ring init error flow (CVE-2021-3608)
2021-07-04 22:47:51 +03:00
remote
remote/memory: Replace share parameter with ram_flags
2021-07-20 15:34:20 -04:00
riscv
hw/riscv/Kconfig: Restrict NUMA to Virt & Spike machines
2021-07-20 15:32:49 +02:00
rtc
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
rx
hw/rx/rx-gdbsim: Do not accept invalid memory size
2021-05-03 10:07:41 +02:00
s390x
s390x updates:
2021-07-12 19:15:11 +01:00
scsi
hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands
2021-12-14 14:22:44 -06:00
sd
hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30
2021-08-03 19:34:51 +02:00
sensor
hw/misc: add MAX34451 device
2021-07-08 14:42:00 -05:00
sh4
Do not include exec/address-spaces.h if it's not really necessary
2021-05-02 17:24:51 +02:00
smbios
hw/smbios: support for type 41 (onboard devices extended information)
2021-05-14 10:26:18 -04:00
sparc
hw/block/fdc: Extract SysBus floppy controllers to fdc-sysbus.c
2021-06-25 08:53:28 -04:00
sparc64
hw/block/fdc: Extract ISA floppy controllers to fdc-isa.c
2021-06-25 08:53:28 -04:00
ssi
Trivial patches pull request 20210503
2021-05-05 13:52:00 +01:00
timer
hw/timer: Initial commit of Ibex Timer
2021-06-24 05:00:12 -07:00
tpm
docs: fix references to docs/specs/tpm.rst
2021-06-02 06:51:09 +02:00
tricore
hw/tricore: fix inclusion of tricore_testboard
2021-07-20 20:10:21 +02:00
usb
uas: add stream number sanity checks.
2021-12-14 08:56:53 -06:00
vfio
vfio: Fix memory leak of hostwin
2021-12-14 14:49:55 -06:00
virtio
virtio: use virtio accessor to access packed event
2021-12-14 14:43:25 -06:00
watchdog
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
xen
docs: fix references to docs/devel/tracing.rst
2021-06-02 06:51:09 +02:00
xenpv
meson: convert hw/arch*
2020-08-21 06:30:33 -04:00
xtensa
Do not include exec/address-spaces.h if it's not really necessary
2021-05-02 17:24:51 +02:00
Kconfig
sensor: Move hardware sensors from misc to a sensor directory
2021-06-17 07:10:32 -05:00
meson.build
sensor: Move hardware sensors from misc to a sensor directory
2021-06-17 07:10:32 -05:00