slackcoder/qemu - QEMU is a generic and open source machine & userspace emulator and virtualizer

diff options

author	Prasad J Pandit <pjp@fedoraproject.org>	2021-01-18 17:21:30 +0530
committer	Paolo Bonzini <pbonzini@redhat.com>	2021-01-23 09:26:40 -0500
commit	b8d7f1bc59276fec85e4d09f1567613a3e14d31e (patch)
tree	f1ab21d5110b354e6f6d50fc13025829d7bab30a /configure
parent	bbf901914170c6ee423beb3b8c510038c16d082f (diff)

ide: atapi: check logical block address and read size (CVE-2020-29443)

While processing ATAPI cmd_read/cmd_read_cd commands, Logical Block Address (LBA) maybe invalid OR closer to the last block, leading to an OOB access issues. Add range check to avoid it. Fixes: CVE-2020-29443 Reported-by: Wenxiang Qian <leonwxqian@gmail.com> Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-Id: <20210118115130.457044-1-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Diffstat (limited to 'configure')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: