qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 0/4] vmsvga: security fixes


From: Gerd Hoffmann
Subject: [Qemu-devel] [PATCH 0/4] vmsvga: security fixes
Date: Mon, 30 May 2016 09:09:17 +0200

  Hi,

Here comes a series for the vmware svga, fixing security issues in the
fifo handling:

  CVE-2016-4453 qemu: Infinite loop in vmsvga_fifo_run() function
  CVE-2016-4454 qemu: Out-of-bounds read in vmsvga_fifo_read_raw() function 

please review,
  Gerd

Gerd Hoffmann (4):
  vmsvga: move fifo sanity checks to vmsvga_fifo_length
  vmsvga: add more fifo checks
  vmsvga: shadow fifo registers
  vmsvga: don't process more than 1024 fifo commands at once

 hw/display/vmware_vga.c | 78 ++++++++++++++++++++++++++-----------------------
 1 file changed, 41 insertions(+), 37 deletions(-)

-- 
1.8.3.1




reply via email to

[Prev in Thread] Current Thread [Next in Thread]