FRET-qemu/net at 1ce084af083b6958c8287ea742a008a105bc960d - FRET-qemu - Gitea: Git Fakultät Informatik TU Dortmund

SYS-OSS/FRET-qemu

History

Prasad J Pandit 1ce084af08 net: vmxnet3: validate configuration values during activate (CVE-2021-20203)

While activating device in vmxnet3_acticate_device(), it does not
validate guest supplied configuration values against predefined
minimum - maximum limits. This may lead to integer overflow or
OOB access issues. Add checks to avoid it.

Fixes: CVE-2021-20203
Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit d05dcd94aee88728facafb993c7280547eb4d645)
Signed-off-by: Michael Roth <michael.roth@amd.com>

2021-12-14 17:39:20 -06:00

..

hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is out of std CAN 8 bytes

2021-08-02 12:19:18 +08:00

hw/net: fsl_etsec: Tx padding length should exclude CRC

2021-03-31 11:10:50 +11:00

net/rocker: use GDateTime for formatting timestamp in debug messages

2021-07-14 14:15:52 +01:00

allwinner_emac.c

hw/net: Make NetCanReceive() return a boolean

2020-03-31 21:14:35 +08:00

allwinner-sun8i-emac.c

hw/net/allwinner-sun8i-emac: traverse transmit queue using TX_CUR_DESC register value

2021-03-12 12:40:10 +00:00

cadence_gem.c

cadence_gem: switch to use qemu_receive_packet() for loopback

2021-03-15 16:41:22 +08:00

dp8393x.c

dp8393x: don't force 32-bit register access

2021-07-11 22:29:54 +02:00

e1000_regs.h

e1000: Rename the SEC symbol to SEQEC

2017-09-08 08:17:37 +08:00

e1000.c

hw/net: e1000: Correct the initial value of VET register

2021-08-02 12:19:18 +08:00

e1000e_core.c

hw/net: e1000e: Don't zero out the VLAN tag in the legacy RX descriptor

2021-08-02 12:19:18 +08:00

e1000e_core.h

e1000e: Fix Lesser GPL version number

2020-11-15 16:45:49 +01:00

e1000e.c

hw/net: e1000e: Correct the initial value of VET register

2021-08-02 12:19:18 +08:00

e1000x_common.c

e1000e: Fix Lesser GPL version number

2020-11-15 16:45:49 +01:00

e1000x_common.h

e1000e: Fix Lesser GPL version number

2020-11-15 16:45:49 +01:00

eepro100.c

Drop more @errp parameters after previous commit

2020-05-15 07:08:14 +02:00

etraxfs_eth.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

ftgmac100.c

net: checksum: Introduce fine control over checksum type

2021-01-25 17:04:56 +08:00

i82596.c

Do not include sysemu/sysemu.h if it's not really necessary

2021-05-02 17:24:50 +02:00

i82596.h

hw/net: Make NetCanReceive() return a boolean

2020-03-31 21:14:35 +08:00

imx_fec.c

hw/net/imx_fec: return 0xffff when accessing non-existing PHY

2021-05-27 11:03:07 +08:00

Kconfig

hw/net/can: Correct Kconfig dependencies

2020-09-30 19:11:37 +02:00

lan9118.c

lan9118: switch to use qemu_receive_packet() for loopback

2021-03-15 16:41:22 +08:00

lance.c

Drop more @errp parameters after previous commit

2020-05-15 07:08:14 +02:00

lasi_i82596.c

Do not include sysemu/sysemu.h if it's not really necessary

2021-05-02 17:24:50 +02:00

mcf_fec.c

mcf_fec: Move mcf_fec_state typedef to header

2020-08-27 14:04:54 -04:00

meson.build

Drop the deprecated lm32 target

2021-05-12 18:20:25 +02:00

mipsnet.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

msf2-emac.c

Do not include exec/address-spaces.h if it's not really necessary

2021-05-02 17:24:51 +02:00

ne2000-isa.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

ne2000-pci.c

Drop more @errp parameters after previous commit

2020-05-15 07:08:14 +02:00

ne2000.c

Clean up inclusion of sysemu/sysemu.h

2019-08-16 13:31:53 +02:00

ne2000.h

Include hw/hw.h exactly where needed

2019-08-16 13:31:52 +02:00

net_rx_pkt.c

NetRxPkt: fix hash calculation of IPV6 TCP

2020-03-03 18:04:47 +08:00

net_rx_pkt.h

NetRxPkt: Introduce support for additional hash types

2020-03-03 18:04:47 +08:00

net_tx_pkt.c

hw/net/net_tx_pkt: Fix crash detected by fuzzer

2021-07-19 09:33:39 +02:00

net_tx_pkt.h

hw/net: Added plen fix for IPv6

2020-07-21 21:30:39 +08:00

npcm7xx_emc.c

net/npcm7xx_emc.c: Fix handling of receiving packets when RSDR not set

2021-03-30 14:05:33 +01:00

opencores_eth.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

pcnet-pci.c

Remove superfluous timer_del() calls

2021-01-08 15:13:38 +00:00

pcnet.c

pcnet: switch to use qemu_receive_packet() for loopback

2021-03-15 16:41:22 +08:00

pcnet.h

lance: replace PROP_PTR with PROP_LINK

2020-01-07 17:24:29 +04:00

rtl8139.c

rtl8139: switch to use qemu_receive_packet() for loopback

2021-03-15 16:41:22 +08:00

smc91c111.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

spapr_llan.c

Do not include cpu.h if it's not really necessary

2021-05-02 17:24:51 +02:00

stellaris_enet.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

sungem.c

sungem: switch to use qemu_receive_packet() for loopback

2021-03-15 16:41:22 +08:00

sunhme.c

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

trace-events

dp8393x: convert to trace-events

2021-07-02 17:35:08 +02:00

trace.h

trace: switch position of headers to what Meson requires

2020-08-21 06:18:24 -04:00

tulip.c

tulip: Move TulipState typedef to header

2020-08-27 14:04:54 -04:00

tulip.h

Use OBJECT_DECLARE_SIMPLE_TYPE when possible

2020-09-18 14:12:32 -04:00

vhost_net-stub.c

vhost_net: introduce set_config & get_config

2020-07-03 07:57:04 -04:00

vhost_net.c

vhost: Distinguish errors in vhost_dev_get_config()

2021-06-30 13:18:42 +02:00

virtio-net.c

virtio-net: fix use after unmap/free for sg

2021-12-14 08:56:31 -06:00

vmware_utils.h

hw/net/vmxnet3: Fix code to work on big endian hosts, too

2017-11-20 11:08:00 +08:00

vmxnet3_defs.h

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00

vmxnet3.c

net: vmxnet3: validate configuration values during activate (CVE-2021-20203)

2021-12-14 17:39:20 -06:00

vmxnet3.h

hw/net/vmxnet3: Fix code to work on big endian hosts, too

2017-11-20 11:08:00 +08:00

vmxnet_debug.h

Clean up ill-advised or unusual header guards

2016-07-12 16:20:46 +02:00

xen_nic.c

Revert "net: Move NetClientState.info_str to dynamic allocations"

2021-04-08 17:33:59 +08:00

xgmac.c

hw: Do not include qemu/log.h if it is not necessary

2021-05-02 17:24:50 +02:00

xilinx_axienet.c

hw/net/xilinx_axienet: Rename StreamSlave as StreamSink

2020-12-10 12:15:04 -05:00

xilinx_ethlite.c

Use DECLARE_*CHECKER* macros

2020-09-09 09:27:09 -04:00