[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PULL 0/8] Fix CVE-2021-3611 and heap overflow in sdhci code
From: |
Peter Maydell |
Subject: |
Re: [PULL 0/8] Fix CVE-2021-3611 and heap overflow in sdhci code |
Date: |
Tue, 22 Mar 2022 22:58:11 +0000 |
On Mon, 21 Mar 2022 at 17:03, Thomas Huth <thuth@redhat.com> wrote:
>
> The following changes since commit 2058fdbe81e2985c226a026851dd26b146d3395c:
>
> Merge tag 'fixes-20220318-pull-request' of git://git.kraxel.org/qemu into
> staging (2022-03-19 11:28:54 +0000)
>
> are available in the Git repository at:
>
> https://gitlab.com/thuth/qemu.git tags/pull-request-2022-03-21
>
> for you to fetch changes up to 27801168ecbb34b987d2e92a12369367bf9ac2bf:
>
> tests/qtest/fuzz-sdcard-test: Add reproducer for OSS-Fuzz (Issue 29225)
> (2022-03-21 14:05:42 +0100)
>
> ----------------------------------------------------------------
> * Fix stack-overflow due to recursive DMA in intel-hda (CVE-2021-3611)
> * Fix heap overflow due to recursive DMA in sdhci code
>
> ----------------------------------------------------------------
>
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/7.0
for any user-visible changes.
-- PMM
- [PULL 0/8] Fix CVE-2021-3611 and heap overflow in sdhci code, Thomas Huth, 2022/03/21
- [PULL 1/8] softmmu/physmem: Simplify flatview_write and address_space_access_valid, Thomas Huth, 2022/03/21
- [PULL 3/8] hw/audio/intel-hda: Do not ignore DMA overrun errors, Thomas Huth, 2022/03/21
- [PULL 2/8] softmmu/physmem: Introduce MemTxAttrs::memory field and MEMTX_ACCESS_ERROR, Thomas Huth, 2022/03/21
- [PULL 4/8] hw/audio/intel-hda: Restrict DMA engine to memories (not MMIO devices), Thomas Huth, 2022/03/21
- [PULL 6/8] hw/sd/sdhci: Honor failed DMA transactions, Thomas Huth, 2022/03/21
- [PULL 7/8] hw/sd/sdhci: Prohibit DMA accesses to devices, Thomas Huth, 2022/03/21
- [PULL 5/8] tests/qtest/intel-hda-test: Add reproducer for issue #542, Thomas Huth, 2022/03/21
- [PULL 8/8] tests/qtest/fuzz-sdcard-test: Add reproducer for OSS-Fuzz (Issue 29225), Thomas Huth, 2022/03/21
- Re: [PULL 0/8] Fix CVE-2021-3611 and heap overflow in sdhci code,
Peter Maydell <=