qemu-devel

Re: cve patch wanted


From: Michael Roth
Subject: Re: cve patch wanted
Date: Mon, 13 Jul 2020 17:40:27 -0500
User-agent: alot/0.7

Quoting Philippe Mathieu-Daudé (2020-07-13 03:16:37)
> Hi,
> 
> On 7/11/20 2:28 PM, 林奕帆 wrote:
> > Hello
> >    I am a student from Fudan University in China. I am doing research on
> > CVE patches recently. But I cannot find the PATCH COMMIT of
> > CVE-2019-12247, CVE-2019-12155, CVE-2019-6778. Can you give me the commits
> > that fix these CVEs?
> 
> * CVE-2019-12247
> 
> I don't know about this one, maybe related to CVE-2018-12617 fixed
> by commit 1329651fb4 ("qga: Restrict guest-file-read count to 48 MB")
> Cc'ing Michael for CVE-2019-12247.

For CVE-2019-12247 it was determined the existing limits for input to
QEMU's QMP parser make it non-exploitable:

  https://bugzilla.redhat.com/show_bug.cgi?id=1712834

A patch to enforce/document some set limits rather than relying on
parser error messages (like what was done with 1329651fb4 for CVE-2018-12617)
might be nice, but it doesn't appear to be a security risk.

> 
> * CVE-2019-12155
> 
> I don't have access to the information (still marked 'private'
> one year after), but I *guess* it has been fixed by commit
> d52680fc93 ("qxl: check release info object").
> Cc'ing Gerd and Prasad.
> 
> * CVE-2019-6778
> 
> This one is in SLiRP, Cc'ing Samuel and Marc-André.
> 


