|
| From: | Alexander Popov |
| Subject: | Re: [Qemu-block] [QEMU-SECURITY] ide: fix assertion in ide_dma_cb() to prevent qemu DoS from quest |
| Date: | Fri, 5 Jul 2019 17:13:06 +0300 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 |
On 05.07.2019 17:07, Alexander Popov wrote: > This assertion was introduced in the commit a718978ed58a in July 2015. > It implies that the size of successful DMA transfers handled in > ide_dma_cb() should be multiple of 512 (the size of a sector). > > But guest systems can initiate DMA transfers that don't fit this > requirement. Let's improve the assertion to prevent qemu DoS from quests. Hello everyone! This bug was not considered as a security issue by QEMU security team, so I send this patch to the public mailing list. Best regards, Alexander
| [Prev in Thread] | Current Thread | [Next in Thread] |