Re: [PATCH v1] hw/pvrdma: Protect against buggy or malicious guest driver

[Red Hat Product Security]

Hello!

INC2534320 ([PATCH v1] hw/pvrdma: Protect against buggy or malicious guest driver) has been closed.

Opened for: yuval.shaia.ml@gmail.com
Followers: qemu-devel@nongnu.org, soulchen8650@gmail.com, Mauro Matteo Cascella, qemu-security@nongnu.org, yuval.shaia.ml@gmail.com, marcel.apfelbaum@gmail.com

A Guest updated your request with the following comments:

Reply from: mjt@tls.msk.ru

 

01.03.2023 17:29, Yuval Shaia wrote:

> Guest driver allocates and initialize page tables to be used as a ring

> of descriptors for CQ and async events.

> The page table that represents the ring, along with the number of pages

> in the page table is passed to the device.

> Currently our device supports only one page table for a ring.

>

> Let's make sure that the number of page table entries the driver

> reports, do not exceeds the one page table size.

>

> Reported-by: Soul Chen <soulchen8650@gmail.com>

> Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>

> ---

> v0 -> v1:

> * Take ring-state into account

> * Add Reported-by

> ---

> hw/rdma/vmw/pvrdma_main.c | 16 +++++++++++++++-

> 1 file changed, 15 insertions(+), 1 deletion(-)

 

Fixes: CVE-2023-1544

 

Ping ^2?

Laurent, maybe you can take this one too?

I understand the fact you picked up the previous one in this area

does not make you pvrdma maintainer, but it is definitely being stuck.. :)

 

/mjt

How can I track and update my request?

We want to make sure we have provided you with a complete resolution.

If you feel that your request should not be closed yet, then please reply to this email and let us know.

Thank you,
Product Security

 

Ref:MSG74315854