[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH-for-6.2 v2 0/2] hw/block/fdc: Fix CVE-2021-20196
From: |
Darren Kenny |
Subject: |
Re: [PATCH-for-6.2 v2 0/2] hw/block/fdc: Fix CVE-2021-20196 |
Date: |
Thu, 18 Nov 2021 10:45:23 +0000 |
Hi Philippe,
Apart from a nit on patch 1, all looks good, so:
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Thanks,
Darren.
On Thursday, 2021-11-18 at 00:24:20 +01, Philippe Mathieu-Daudé wrote:
> I'm not sure what happened to v1 from Prasad, so since we are
> at rc2 I took a simpler approach to fix this CVE: create an
> empty drive to satisfy the BlockBackend API calls.
>
> Added Alexander's reproducer along.
>
> v1:
> https://lore.kernel.org/qemu-devel/20210123100345.642933-1-ppandit@redhat.com/
>
> Alexander Bulekov (1):
> tests/qtest/fdc-test: Add a regression test for CVE-2021-20196
>
> Philippe Mathieu-Daudé (1):
> hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196
>
> hw/block/fdc.c | 14 +++++++++++++-
> tests/qtest/fdc-test.c | 21 +++++++++++++++++++++
> 2 files changed, 34 insertions(+), 1 deletion(-)
>
> --
> 2.31.1