slackcoder/qemu - QEMU is a generic and open source machine & userspace emulator and virtualizer

diff options

author	Prasad J Pandit <pjp@fedoraproject.org>	2021-01-30 18:46:52 +0530
committer	Jason Wang <jasowang@redhat.com>	2021-11-19 11:43:47 +0800
commit	d05dcd94aee88728facafb993c7280547eb4d645 (patch)
tree	cbf25f7888dd78e4e57050732219e5edb6716898 /crypto/random-platform.c
parent	44a3aa0608f01274418487b655d42467c1d8334e (diff)

net: vmxnet3: validate configuration values during activate (CVE-2021-20203)

While activating device in vmxnet3_acticate_device(), it does not validate guest supplied configuration values against predefined minimum - maximum limits. This may lead to integer overflow or OOB access issues. Add checks to avoid it. Fixes: CVE-2021-20203 Buglink: https://bugs.launchpad.net/qemu/+bug/1913873 Reported-by: Gaoning Pan <pgn@zju.edu.cn> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Signed-off-by: Jason Wang <jasowang@redhat.com>

Diffstat (limited to 'crypto/random-platform.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: