[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] hw/sd/sdcard: Fix CVE-2020-13253 (Do not allow invalid SD ca
From: |
Philippe Mathieu-Daudé |
Subject: |
[PATCH 0/2] hw/sd/sdcard: Fix CVE-2020-13253 (Do not allow invalid SD card sizes) |
Date: |
Tue, 7 Jul 2020 15:21:14 +0200 |
Part 1 is already reviewed:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg718150.html
However the CVE fix break Linux guests:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg720737.html
This series fixes that, by checking the SD card image size is
correct.
Based-on: <20200630133912.9428-1-f4bug@amsat.org>
Philippe Mathieu-Daudé (2):
tests/acceptance/boot_linux: Truncate SD card image to power of 2
hw/sd/sdcard: Do not allow invalid SD card sizes
hw/sd/sd.c | 16 ++++++++++++++++
tests/acceptance/boot_linux_console.py | 15 +++++++++++++++
2 files changed, 31 insertions(+)
--
2.21.3
- [PATCH 0/2] hw/sd/sdcard: Fix CVE-2020-13253 (Do not allow invalid SD card sizes),
Philippe Mathieu-Daudé <=