[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] virtio: abort on zero config length

From: Michael S. Tsirkin
Subject: Re: [Qemu-devel] [PATCH] virtio: abort on zero config length
Date: Fri, 26 Apr 2013 15:31:24 +0300

On Fri, Apr 26, 2013 at 06:33:33PM +0800, Jason Wang wrote:
> On 04/26/2013 06:32 PM, Eric Blake wrote:
> > On 04/25/2013 11:06 PM, Jason Wang wrote:
> >>>>     if (addr > (vdev->config_len - sizeof(val)))
> >>>>
> >>>> ^^^^^^^^^ quiz: spot a bug above if config_len is 0    :)
> >>> Then we need to fix these bugs and allocate a CVE.  virtio-rng has
> >>> shipped.  This code is also dumb.
> >> Ok, but since the discussion is in public list, no need for CVE then.
> > Wrong.  CVEs are useful even for publicly disclosed bugs.  It tells
> > people whether they need to upgrade in order to avoid a vulnerability.
> >
> > What we don't need is embargo.  But we do need a CVE.
> >
> True, thanks for the correction.

I think we never shipped QEMU release with this bug.  So no need for
CVEs.  I'm not sure upstream has to bother with CVEs - we can just say
this is downstream work.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]