qemu-devel

[Qemu-devel] [PATCH 0/4] CVE-2008-0928 security fix


From: Eduardo Habkost
Subject: [Qemu-devel] [PATCH 0/4] CVE-2008-0928 security fix
Date: Thu, 19 Feb 2009 18:19:32 -0300

Hi,

This series is another try to fix CVE-2008-0928 on Qemu, a security
vulnerability that has been present for a long time. The first 3 patches are
simple changes to make way for the last patch, which is the actual fix.

This fix is similar to the previous fix that was present on Qemu SVN
previously, but changes BlockDriverState to store total_bytes
instead of total_sectors. This should avoid problems when byte-based
reads are done on some devices, such as in the qcow case. The check
based on sector range done on the previous fix caused problems for qcow,
as documented at:

https://bugzilla.redhat.com/show_bug.cgi?id=485148

The previous fix was reverted almost a year ago but no alternative
fix was committed since then. Not having a fix to the vulnerability
upstream causes pain to users of the upstream code (who have a vulnerable
Qemu) and developers of distributions including Qemu code (who have to
carry and forward-port the fix themselves).

-- 
Eduardo
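
The following is an added example, not part of the original message and not QEMU code: it contrasts a sector-granular range check with a byte-granular one for a byte-based read. The function names, the 512-byte sector size, and the 1000-byte file are assumptions made for illustration; the scenario (a length that is not a whole number of sectors) is one way such a check can reject a valid read and is not taken from the bug report.

```c
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SIZE 512u  /* sector size assumed for this example */

/* Hypothetical byte-granular check: request must lie within total_bytes. */
static int range_ok_bytes(uint64_t total_bytes, uint64_t offset, uint64_t len)
{
    /* Written as a subtraction so that offset + len can never wrap around. */
    return offset <= total_bytes && len <= total_bytes - offset;
}

/* Hypothetical sector-granular check: the limit is a whole number of sectors,
 * so a byte request is first widened to the sectors it touches. */
static int range_ok_sectors(uint64_t total_sectors, uint64_t offset, uint64_t len)
{
    if (len == 0)
        return offset / SECTOR_SIZE <= total_sectors;
    if (len > UINT64_MAX - offset)       /* offset + len would overflow */
        return 0;
    uint64_t last = (offset + len - 1) / SECTOR_SIZE;
    return last < total_sectors;
}

int main(void)
{
    /* Constructed sample: a 1000-byte backing file, i.e. one full sector
     * plus a 488-byte tail that a rounded-down sector count cannot describe. */
    uint64_t total_bytes = 1000;
    uint64_t total_sectors = total_bytes / SECTOR_SIZE;   /* 1 */
    struct { uint64_t off, len; const char *what; } reqs[] = {
        { 0,   512, "first sector" },
        { 512, 488, "valid tail read" },
        { 990, 20,  "runs past end of file" },
        { UINT64_MAX - 4, 16, "offset + len wraps" },
    };
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++)
        printf("%-24s bytes=%d sectors=%d\n", reqs[i].what,
               range_ok_bytes(total_bytes, reqs[i].off, reqs[i].len),
               range_ok_sectors(total_sectors, reqs[i].off, reqs[i].len));
    return 0;
}
```

Both checks reject the out-of-range and wrapping requests; only the byte-granular one accepts the in-bounds read of the final partial sector.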



