Re: [PATCH] display/qxl-render: fix race condition in qxl

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-20

From:	Gerd Hoffmann
Subject:	Re: [PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-2022-4207)
Date:	Tue, 5 Apr 2022 13:10:36 +0200

On Tue, Apr 05, 2022 at 12:35:05PM +0200, Mauro Matteo Cascella wrote:
> Avoid fetching 'width' and 'height' a second time to prevent possible
> race condition. Refer to security advisory
> https://starlabs.sg/advisories/22-4207/ for more information.
> 
> Fixes: CVE-2022-4207
> Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>

Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>

take care,
  Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-2022-4207), Mauro Matteo Cascella, 2022/04/05
- Re: [PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-2022-4207), Marc-André Lureau, 2022/04/05
- Re: [PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-2022-4207), Gerd Hoffmann <=

Prev by Date: Re: [PATCH] ui/cursor: fix integer overflow in cursor_alloc (CVE-2022-4206)
Next by Date: [PATCH] hw/ppc/ppc405_boards: Initialize g_autofree pointer
Previous by thread: Re: [PATCH] display/qxl-render: fix race condition in qxl_cursor (CVE-2022-4207)
Next by thread: [PULL 00/10] QAPI patches patches for 2022-04-05
Index(es):
- Date
- Thread