[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH-for-5.0 1/2] hw/display/sm501: Avoid heap overflow in sm501_2
From: |
Philippe Mathieu-Daudé |
Subject: |
Re: [PATCH-for-5.0 1/2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation() |
Date: |
Sun, 12 Apr 2020 22:53:18 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 |
On 4/11/20 11:36 PM, Peter Maydell wrote:
> On Sat, 11 Apr 2020 at 20:45, Philippe Mathieu-Daudé <address@hidden> wrote:
>> Buffer overflows are security issues because they allow attacker to
>> arbitrarily write data in the process memory, and eventually take
>> control of it. When attacker takes control, it can access underlying
>> private data.
>
> Note that for QEMU our security boundary is "VMs using KVM"; so
> buffer overflows are a security issue in code and devices that
> you can use in a KVM setup (including pluggable devices like
> PCI devices) but not devices you can only use in a TCG setup
> (where they're just bugs, though obviously ones we should
> fix sooner rather than later).
"VMs using KVM" as security boundary is very clear, thanks.
Note 1: This this doesn't appear on the QEMU security process
description: https://www.qemu.org/contribute/security-process/
Note 2: If a reported bug is not in security boundary, it should be
reported as a bug to mainstream QEMU, to give the community a chance to
fix it.
Regards,
Phil.
>
> thanks
> -- PMM
>