Searched hist:"46485 de0" (Results 1 – 3 of 3) sorted by relevance
| /openbmc/qemu/tests/qemu-iotests/ |
| H A D | 092.out | 46485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)
A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.
This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
| H A D | 092 | 46485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)
A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.
This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
| /openbmc/qemu/block/ |
| H A D | qcow.c | 46485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)
A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.
This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).
Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|