[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v6 5/5] stellaris_enet: block migration
|
From: |
Michael S. Tsirkin |
|
Subject: |
Re: [Qemu-devel] [PATCH v6 5/5] stellaris_enet: block migration |
|
Date: |
Mon, 28 Apr 2014 16:24:06 +0300 |
On Mon, Apr 28, 2014 at 02:09:50PM +0100, Peter Maydell wrote:
> On 28 April 2014 14:08, Michael S. Tsirkin <address@hidden> wrote:
> > Incoming migration with stellaris_enet is unsafe.
> > It's being reworked, but for now, simply block it
> > since noone is using it anyway.
> > Block outgoing migration for good measure.
> >
> > CVE-2013-4532
> >
> > Signed-off-by: Michael S. Tsirkin <address@hidden>
> > ---
> > hw/net/stellaris_enet.c | 11 ++++++++++-
> > 1 file changed, 10 insertions(+), 1 deletion(-)
>
> This is going to clash with the stellaris patches
> I just sent out, so I don't really want to apply it
> to master.
Yes 5/5 is just for stable, sorry about the confusion.
> You could apply it just to stable if you
> like, I suppose, but personally I wouldn't bother.
>
> thanks
> -- PMM
I'll leave that for mdroth to decide - he was the one that reported
the original CVE.
--
MST
- [Qemu-devel] [PATCH v6 0/5] state loading cves: incremental updates, Michael S. Tsirkin, 2014/04/28
- [Qemu-devel] [PATCH v6 1/5] ssi-sd: fix buffer overrun on invalid state load, Michael S. Tsirkin, 2014/04/28
- [Qemu-devel] [PATCH v6 2/5] openpic: avoid buffer overrun on incoming migration, Michael S. Tsirkin, 2014/04/28
- [Qemu-devel] [PATCH v6 3/5] virtio-net: out-of-bounds buffer write on load, Michael S. Tsirkin, 2014/04/28
- [Qemu-devel] [PATCH v6 4/5] virtio: validate config_len on load, Michael S. Tsirkin, 2014/04/28
- [Qemu-devel] [PATCH v6 5/5] stellaris_enet: block migration, Michael S. Tsirkin, 2014/04/28