Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507

From:	Jon Maloy
Subject:	Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507
Date:	Sun, 6 Feb 2022 14:19:22 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0

Trying again with correct email address.
///jon

On 2/6/22 14:15, Jon Maloy wrote:



On 1/27/22 15:14, Jon Maloy wrote:


On 11/18/21 06:57, Philippe Mathieu-Daudé wrote:

Trivial fix for CVE-2021-3507.

Philippe Mathieu-Daudé (2):
   hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507)
   tests/qtest/fdc-test: Add a regression test for CVE-2021-3507

  hw/block/fdc.c         |  8 ++++++++
  tests/qtest/fdc-test.c | 20 ++++++++++++++++++++
  2 files changed, 28 insertions(+)

Series
Acked-by: Jon Maloy <jmaloy@redhat.com>


Philippe,

I hear from other sources that you earlier have qualified this one as"incomplete".I am of course aware that this one, just like my own patch, is just amitigation and not a complete correction of the erroneous calculation.

Or did you have anything else in mind?

Regards
///jon

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507, John Snow, 2022/02/04
- Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507, Jon Maloy, 2022/02/06
  - Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507, Jon Maloy <=

Prev by Date: Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507
Next by Date: [PATCH] block/vvfat: Fix memleaks in vvfat_close()
Previous by thread: Re: [PATCH-for-6.2 0/2] hw/block/fdc: Fix CVE-2021-3507
Next by thread: [PULL 02/32] hw/i386: Add the possibility to disable the 'isapc' machine
Index(es):
- Date
- Thread