[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bound
From: |
Jason Wang |
Subject: |
Re: [Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start |
Date: |
Thu, 28 Jan 2016 13:47:03 +0800 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 |
On 01/28/2016 02:35 AM, Laszlo Ersek wrote:
> Hello Jason,
>
> On 01/22/16 07:15, Jason Wang wrote:
>>
>> On 01/22/2016 02:11 PM, Michael Tokarev wrote:
>>> 22.01.2016 06:09, Jason Wang wrote:
>>>> On 01/19/2016 09:17 PM, Laszlo Ersek wrote:
>>>>> The start_xmit() and e1000_receive_iov() functions implement DMA transfers
>>>>> iterating over a set of descriptors that the guest's e1000 driver
>>>>> prepares:
>>> ...
>>>> Applied in my -net.
>>> This is CVE-2016-1981, btw.
>>>
>>> /mjt
>>>
>> Add this into commit log.
> do you plan to send a PULL req soon? The patch is not really urgent, but
> it would help me move forward with my queue.
>
> Thanks!
> Laszlo
>
Plan to send it next Tuesday. But if you wish, I can send it tomorrow.
Thanks