mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw/net
History
Prasad J Pandit d05dcd94ae net: vmxnet3: validate configuration values during activate (CVE-2021-20203) 
While activating device in vmxnet3_acticate_device(), it does not
validate guest supplied configuration values against predefined
minimum - maximum limits. This may lead to integer overflow or
OOB access issues. Add checks to avoid it.

Fixes: CVE-2021-20203
Buglink: https://bugs.launchpad.net/qemu/+bug/1913873
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2021-11-19 11:43:47 +08:00
..
can
hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is out of std CAN 8 bytes
2021-08-02 12:19:18 +08:00
fsl_etsec
hw/net: fsl_etsec: Tx padding length should exclude CRC
2021-03-31 11:10:50 +11:00
rocker
net/rocker: use GDateTime for formatting timestamp in debug messages
2021-07-14 14:15:52 +01:00
allwinner_emac.c
allwinner-sun8i-emac.c
hw/net/allwinner-sun8i-emac: traverse transmit queue using TX_CUR_DESC register value
2021-03-12 12:40:10 +00:00
cadence_gem.c
cadence_gem: switch to use qemu_receive_packet() for loopback
2021-03-15 16:41:22 +08:00
dp8393x.c
dp8393x: don't force 32-bit register access
2021-07-11 22:29:54 +02:00
e1000_regs.h
e1000.c
e1000: fix tx re-entrancy problem
2021-11-05 11:31:42 +08:00
e1000e_core.c
hw/net: e1000e: Don't zero out the VLAN tag in the legacy RX descriptor
2021-08-02 12:19:18 +08:00
e1000e_core.h
e1000e: Fix Lesser GPL version number
2020-11-15 16:45:49 +01:00
e1000e.c
hw/net: e1000e: Correct the initial value of VET register
2021-08-02 12:19:18 +08:00
e1000x_common.c
e1000e: Fix Lesser GPL version number
2020-11-15 16:45:49 +01:00
e1000x_common.h
e1000e: Fix Lesser GPL version number
2020-11-15 16:45:49 +01:00
eepro100.c
etraxfs_eth.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
ftgmac100.c
net: checksum: Introduce fine control over checksum type
2021-01-25 17:04:56 +08:00
i82596.c
Do not include sysemu/sysemu.h if it's not really necessary
2021-05-02 17:24:50 +02:00
i82596.h
imx_fec.c
hw/net/imx_fec: return 0xffff when accessing non-existing PHY
2021-05-27 11:03:07 +08:00
Kconfig
hw/net/can: Correct Kconfig dependencies
2020-09-30 19:11:37 +02:00
lan9118.c
lan9118: switch to use qemu_receive_packet() for loopback
2021-03-15 16:41:22 +08:00
lance.c
lasi_i82596.c
Do not include sysemu/sysemu.h if it's not really necessary
2021-05-02 17:24:50 +02:00
mcf_fec.c
mcf_fec: Move mcf_fec_state typedef to header
2020-08-27 14:04:54 -04:00
meson.build
Drop the deprecated lm32 target
2021-05-12 18:20:25 +02:00
mipsnet.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
msf2-emac.c
Do not include exec/address-spaces.h if it's not really necessary
2021-05-02 17:24:51 +02:00
ne2000-isa.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
ne2000-pci.c
ne2000.c
ne2000.h
net_rx_pkt.c
net_rx_pkt.h
net_tx_pkt.c
hw/net/net_tx_pkt: Fix crash detected by fuzzer
2021-07-19 09:33:39 +02:00
net_tx_pkt.h
hw/net: Added plen fix for IPv6
2020-07-21 21:30:39 +08:00
npcm7xx_emc.c
net/npcm7xx_emc.c: Fix handling of receiving packets when RSDR not set
2021-03-30 14:05:33 +01:00
opencores_eth.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
pcnet-pci.c
Remove superfluous timer_del() calls
2021-01-08 15:13:38 +00:00
pcnet.c
pcnet: switch to use qemu_receive_packet() for loopback
2021-03-15 16:41:22 +08:00
pcnet.h
rtl8139.c
rtl8139: switch to use qemu_receive_packet() for loopback
2021-03-15 16:41:22 +08:00
smc91c111.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
spapr_llan.c
Do not include cpu.h if it's not really necessary
2021-05-02 17:24:51 +02:00
stellaris_enet.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
sungem.c
sungem: switch to use qemu_receive_packet() for loopback
2021-03-15 16:41:22 +08:00
sunhme.c
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
trace-events
dp8393x: convert to trace-events
2021-07-02 17:35:08 +02:00
trace.h
trace: switch position of headers to what Meson requires
2020-08-21 06:18:24 -04:00
tulip.c
tulip: Move TulipState typedef to header
2020-08-27 14:04:54 -04:00
tulip.h
Use OBJECT_DECLARE_SIMPLE_TYPE when possible
2020-09-18 14:12:32 -04:00
vhost_net-stub.c
vhost-net: control virtqueue support
2021-10-20 04:44:05 -04:00
vhost_net.c
vhost: Fix last vq queue index of devices with no cvq
2021-11-11 03:13:05 -05:00
virtio-net.c
virtio-net: vhost control virtqueue support
2021-10-20 04:44:05 -04:00
vmware_utils.h
vmxnet3_defs.h
Use DECLARE_*CHECKER* macros
2020-09-09 09:27:09 -04:00
vmxnet3.c
net: vmxnet3: validate configuration values during activate (CVE-2021-20203)
2021-11-19 11:43:47 +08:00
vmxnet3.h
vmxnet_debug.h
xen_nic.c
Revert "net: Move NetClientState.info_str to dynamic allocations"
2021-04-08 17:33:59 +08:00
xgmac.c
hw: Do not include qemu/log.h if it is not necessary
2021-05-02 17:24:50 +02:00
xilinx_axienet.c
hw/net/xilinx_axienet: Rename StreamSlave as StreamSink
2020-12-10 12:15:04 -05:00
xilinx_ethlite.c
Use DECLARE_*CHECKER* macros
2020-09-09 09:27:09 -04:00