[Spice-devel] [CVE-2014-3615 PATCH v2 0/3] vbe: bochs dispi interface fixes
Gerd Hoffmann
kraxel at redhat.com
Thu Sep 4 00:04:30 PDT 2014
Hi,
Two fixes for the bochs dispi interface, one of them fixing a minor
security issue.
New in v2: Got a CVE number. Investigation & patch review found a
related issue in the spice code, so there is an additional patch.
/me plans to send a pull tomorrow, so this can go in fast enougth for
being cherry-picked into stable for the qemu 2.1.1 release.
please review,
Gerd
Gerd Hoffmann (3):
vbe: make bochs dispi interface return the correct memory size with
qxl
vbe: rework sanity checks
spice: make sure we don't overflow ssd->buf
hw/display/qxl.c | 1 +
hw/display/vga.c | 159 ++++++++++++++++++++++++++++++++-------------------
hw/display/vga_int.h | 1 +
ui/spice-display.c | 16 ++++--
4 files changed, 113 insertions(+), 64 deletions(-)
--
1.8.3.1
More information about the Spice-devel
mailing list