Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs

qemu-stable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs

From:	Michael Tokarev
Subject:	Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs
Date:	Wed, 14 Feb 2024 18:53:43 +0300
User-agent:	Mozilla Thunderbird

14.02.2024 17:54, Akihiko Odaki wrote:

On 2024/02/14 17:58, Michael Tokarev wrote:
14.02.2024 08:13, Akihiko Odaki wrote:
The guest may write NumVFs greater than TotalVFs and that can lead
to buffer overflow in VF implementations.
This seems to be stable-worthy (Cc'd), and maybe even CVE-worthy?
Perhaps so. The scope of the bug is limited to emulated SR-IOV devices, and I think nobody use them except for development, but it may be still niceto have a CVE.
Can anyone help assign a CVE? I don't know the procedure.


Heh. Usually I ask exactly the opposite question: how to avoid assigning
a CVE# for a non-issue which they most likely think is a serious security
bug?  We've plenty of these in qemu, collecting dust for years...  For
example, for things like some actions by privileged guest process (or kernel)
which leads to qemu dying with assertion failure, which, on a real HW, will
cause hardware lockup.

Nope, I don't remember how to request a CVE ;)

/mjt

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs, Michael Tokarev, 2024/02/14
- Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs, Akihiko Odaki, 2024/02/14
  - Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs, Michael Tokarev <=
    - Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs, Michael S. Tsirkin, 2024/02/14
    - Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs, Akihiko Odaki, 2024/02/17

Prev by Date: Re: [PULL 00/12] Hppa64 patches
Next by Date: Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs
Previous by thread: Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs
Next by thread: Re: [PATCH v4 5/9] pcie_sriov: Validate NumVFs
Index(es):
- Date
- Thread