Hi,
Will you assign a cve to this vulnerability.
This issue has the possibility to remote code execution, and many IAAS providers use qemu prior version 2.4.
Donghai.
------------------------------------------------------------------
From:P J P <address@hidden>
Send Time:2016年1月6日(星期三) 02:08
To:Qemu devel <address@hidden>
Cc:Stefan Weil <address@hidden>,Peter Maydell <address@hidden>,朱东海(启路) <address@hidden>
Subject:Re: [Qemu-devel] [PATCH for v2.3.0] fw_cfg: add check to validate current entry value
+-- On Tue, 5 Jan 2016, P J P wrote --+
| An OOB r/w access issue was reported by Mr Donghai Zdh, CC'd here.
Mr Donghai CC'd now.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F