[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ask for suggestions for CVE-2019-12928

From: 江芳杰
Subject: Ask for suggestions for CVE-2019-12928
Date: Mon, 11 Jan 2021 23:43:53 +0800 (CST)

    Sorry to bother you~
    I have read the discussions about CVE--2019-12928 ( https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg01153.html).
But, for the scenario of PC users, which is no requirement of network access to QMP, there are some mitigating proposes.
1. Modify the compilation options to disable QMP.
2. Modify command line parsing function to discard the QMP parameters with network configurations.
3. PC manager or other manage software make sure only the trusted user can use QMP.
4. Other ideas?
I want to have your suggestions.
Best regards.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]