qemu-devel

Re: [PATCH for-7.0] virtio-iommu: use-after-free fix


From: Michael S. Tsirkin
Subject: Re: [PATCH for-7.0] virtio-iommu: use-after-free fix
Date: Thu, 7 Apr 2022 10:50:09 -0400

On Thu, Apr 07, 2022 at 11:03:16AM +0100, Peter Maydell wrote:
> On Thu, 7 Apr 2022 at 10:52, Michael S. Tsirkin <mst@redhat.com> wrote:
> >
> > From: Wentao Liang <Wentao_Liang_g@163.com>
> >
> > A potential Use-after-free was reported in virtio_iommu_handle_command
> > when using virtio-iommu:
> >
> > > I find a potential Use-after-free in QEMU 6.2.0, which is in
> > > virtio_iommu_handle_command() (./hw/virtio/virtio-iommu.c).
> 
> So, this isn't a regression. Do you think it's critically necessary
> it goes in 7.0, or is it in the category "put it into 7.0 if we
> need an rc4 for some other reason anyway" ?
> 
> (I have a feeling we'll need an rc4, but we'll see.)
> 
> thanks
> -- PMM

I am concerned it can be used to trigger a CVE but I could not
find a way. So I would say if there's an rc4 pls include it
but if not then we can pick it up in stable.

-- 
MST



