mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw/ide
History
Prasad J Pandit b8d7f1bc59 ide: atapi: check logical block address and read size (CVE-2020-29443) 
While processing ATAPI cmd_read/cmd_read_cd commands,
Logical Block Address (LBA) maybe invalid OR closer to the last block,
leading to an OOB access issues. Add range check to avoid it.

Fixes: CVE-2020-29443
Reported-by: Wenxiang Qian <leonwxqian@gmail.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20210118115130.457044-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-01-23 09:26:40 -05:00
..
ahci_internal.h
nomaintainer: Fix Lesser GPL version number
2020-11-15 17:04:40 +01:00
ahci-allwinner.c
ahci.c
hw/ide/ahci: Replace fprintf() by qemu_log_mask(GUEST_ERROR)
2021-01-18 11:51:26 +01:00
atapi.c
ide: atapi: check logical block address and read size (CVE-2020-29443)
2021-01-23 09:26:40 -05:00
cmd646.c
core.c
Remove superfluous timer_del() calls
2021-01-08 15:13:38 +00:00
ich.c
nomaintainer: Fix Lesser GPL version number
2020-11-15 17:04:40 +01:00
ioport.c
isa.c
Kconfig
macio.c
meson.build
microdrive.c
mmio.c
pci.c
piix.c
xen: rework pci_piix3_xen_ide_unplug
2020-11-02 11:56:55 +00:00
qdev.c
qdev: Move softmmu properties to qdev-properties-system.h
2020-12-18 15:20:17 -05:00
sii3112.c
trace-events
trace.h
via.c