Re: [Qemu-devel] [PATCH] virtio: abort on zero config length
From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH] virtio: abort on zero config length
Date: Fri, 26 Apr 2013 04:32:11 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130402 Thunderbird/17.0.5
On 04/25/2013 11:06 PM, Jason Wang wrote:
>>> if (addr > (vdev->config_len - sizeof(val)))
>>>
>>> ^^^^^^^^^ quiz: spot a bug above if config_len is 0 :)
>> Then we need to fix these bugs and allocate a CVE. virtio-rng has
>> shipped. This code is also dumb.
>
> Ok, but since the discussion is in public list, no need for CVE then.
Wrong. CVEs are useful even for publicly disclosed bugs. It tells
people whether they need to upgrade in order to avoid a vulnerability.
What we don't need is embargo. But we do need a CVE.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
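
The quiz in the quoted text, worked through as an added example (not code from this thread or from QEMU): assuming `config_len` is an unsigned `size_t`, the subtraction wraps whenever `config_len` is smaller than the access size, so the bounds check rejects nothing. The function names, the hardened form and the sample values are illustrative assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Returns 1 if the access would be allowed, 0 if rejected.
 * Same shape as the quoted check; config_len is assumed to be size_t. */
static int quoted_check_allows(size_t config_len, uint32_t addr, size_t size)
{
    /* When config_len < size, the unsigned subtraction wraps to a huge
     * value, so no realistic addr is ever greater than it. */
    if (addr > (config_len - size))
        return 0;
    return 1;
}

/* Hardened form (illustrative): test the length before subtracting. */
static int hardened_check_allows(size_t config_len, uint32_t addr, size_t size)
{
    if (size > config_len)
        return 0;
    if (addr > config_len - size)
        return 0;
    return 1;
}

int main(void)
{
    /* Constructed cases: {config_len, addr, access size}. */
    static const struct { size_t len; uint32_t addr; size_t size; } cases[] = {
        { 8, 4, 4 },      /* last valid 4-byte slot */
        { 8, 5, 4 },      /* runs past the end */
        { 0, 0, 1 },      /* zero-length config, the quiz case */
        { 0, 0x1000, 4 }, /* zero-length config, far offset */
        { 1, 0, 2 },      /* config shorter than the access */
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        printf("len=%zu addr=%u size=%zu quoted=%d hardened=%d\n",
               cases[i].len, (unsigned)cases[i].addr, cases[i].size,
               quoted_check_allows(cases[i].len, cases[i].addr, cases[i].size),
               hardened_check_allows(cases[i].len, cases[i].addr, cases[i].size));
    }
    return 0;
}
```

The two checks agree on every in-range and out-of-range access for a non-empty config space; they differ only when the config is shorter than the access, which is the case the quiz points at.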