qemu-stable
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-stable] [Qemu-devel] [PATCH] fdc: force the fifo access to be


From: Peter Lieven
Subject: Re: [Qemu-stable] [Qemu-devel] [PATCH] fdc: force the fifo access to be in bounds of the allocated buffer
Date: Wed, 13 May 2015 21:30:25 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0

Am 13.05.2015 um 21:09 schrieb Stefan Priebe:
> Am 13.05.2015 um 21:05 schrieb Stefan Weil:
>> Am 13.05.2015 um 20:59 schrieb Stefan Priebe:
>>>
>>> Am 13.05.2015 um 20:51 schrieb Stefan Weil:
>>>> Hi,
>>>>
>>>> I just noticed this patch because my provider told me that my KVM based
>>>> server
>>>> needs a reboot because of a CVE (see this German news:
>>>> http://www.heise.de/newsticker/meldung/Venom-Schwachstelle-Aus-Hypervisor-ausbrechen-und-VMs-ausspionieren-2649614.html)
>>>>
>>>
>>> Isn't a live migration to a fixed version enough instead of a reboot?
>>>
>>> Stefan
>>
>> Good point. A live migration would be sufficient - if there are no bugs
>> in QEMU's live migration.
>
> just migrating all our customer machines and wanted to be sure that live 
> migration is enough.

Just to confirm: If Qemu is started with -nodefaults and there is no fdc 
configuration the system is not affected by this CVE?

Thanks,
Peter



reply via email to

[Prev in Thread] Current Thread [Next in Thread]