]> Git Repo - qemu.git/commit
projects / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9436e08) | patch
nvme: fix oob access issue(CVE-2018-16847)
authorLi Qiang <[email protected]>
Fri, 2 Nov 2018 01:22:43 +0000 (18:22 -0700)
committerKevin Wolf <[email protected]>
Mon, 19 Nov 2018 11:51:16 +0000 (12:51 +0100)
commit5e3c0220d7e4f0361c4d36c697a8842f2b583402
tree0b640cc5db681adc5ee152ac0d35b1054573da63tree | snapshot
parent9436e082de18b2fb2ceed2e9d1beef641ae64f23commit | diff
nvme: fix oob access issue(CVE-2018-16847)

Currently, the nvme_cmb_ops mr doesn't check the addr and size.
This can lead an oob access issue. This is triggerable in the guest.
Add check to avoid this issue.

Fixes CVE-2018-16847.

Reported-by: Li Qiang <[email protected]>
Reviewed-by: Paolo Bonzini <[email protected]>
Signed-off-by: Li Qiang <[email protected]>
Signed-off-by: Kevin Wolf <[email protected]>
hw/block/nvme.c diff | blob | blame | history
Empty description
This page took 0.023435 seconds and 4 git commands to generate.