[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than
|
From: |
Michael S. Tsirkin |
|
Subject: |
Re: [Qemu-devel] [PATCH 0/4] Fix buffer overflow for packet greater than INT_MAX |
|
Date: |
Tue, 25 Sep 2018 10:13:38 -0400 |
On Tue, Sep 25, 2018 at 03:23:23PM +0800, Jason Wang wrote:
> Hi:
>
> This series tries to address the buffer overflow caused by converting
> from size_t to int in several nic model and net core. This is
> CVE-2018-10839.
>
> Please review.
>
> Thanks
Reviewed-by: Michael S. Tsirkin <address@hidden>
> Jason Wang (4):
> ne2000: fix possible out of bound access in ne2000_receive
> rtl8139: fix possible out of bound access
> pcnet: fix possible buffer overflow
> net: ignore packet size greater than INT_MAX
>
> hw/net/ne2000.c | 4 ++--
> hw/net/pcnet.c | 4 ++--
> hw/net/rtl8139.c | 8 ++++----
> net/net.c | 7 ++++++-
> 4 files changed, 14 insertions(+), 9 deletions(-)
>
> --
> 2.17.1