mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b8002058c4
qemu/hw/virtio
History
zhenwei pi 9d38a84347 virtio-crypto: verify src&dst buffer length for sym request 
For symmetric algorithms, the length of ciphertext must be as same
as the plaintext.
The missing verification of the src_len and the dst_len in
virtio_crypto_sym_op_helper() may lead buffer overflow/divulged.

This patch is originally written by Yiming Tao for QEMU-SECURITY,
resend it(a few changes of error message) in qemu-devel.

Fixes: CVE-2023-3180
Fixes: 04b9b37edda("virtio-crypto: add data queue processing handler")
Cc: Gonglei <arei.gonglei@huawei.com>
Cc: Mauro Matteo Cascella <mcascell@redhat.com>
Cc: Yiming Tao <taoym@zju.edu.cn>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20230803024314.29962-2-pizhenwei@bytedance.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2023-08-03 16:16:17 -04:00
..
Kconfig virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci 2023-07-12 09:27:25 +02:00
meson.build virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci 2023-07-12 09:27:25 +02:00
trace-events virtio-iommu: Fix 64kB host page size VFIO device assignment 2023-07-10 18:59:32 -04:00
trace.h
vdpa-dev-pci.c
vdpa-dev.c vhost-user: fully use new backend/frontend naming 2023-06-26 09:50:00 -04:00
vhost-backend.c
vhost-iova-tree.c
vhost-iova-tree.h
vhost-scsi-pci.c
vhost-shadow-virtqueue.c vhost: Fix false positive out-of-bounds 2023-07-10 18:59:32 -04:00
vhost-shadow-virtqueue.h vhost: fix possible wrap in SVQ descriptor ring 2023-05-19 01:36:09 -04:00
vhost-stub.c vhost: register and change IOMMU flag depending on Device-TLB state 2023-07-10 15:07:50 -04:00
vhost-user-blk-pci.c
vhost-user-fs-pci.c
vhost-user-fs.c hw/virtio: fix typo in VIRTIO_CONFIG_IRQ_IDX comments 2023-07-10 18:59:32 -04:00
vhost-user-gpio-pci.c
vhost-user-gpio.c hw/virtio: fix typo in VIRTIO_CONFIG_IRQ_IDX comments 2023-07-10 18:59:32 -04:00
vhost-user-i2c-pci.c
vhost-user-i2c.c virtio: i2c: Check notifier helpers for VIRTIO_CONFIG_IRQ_IDX 2023-04-24 22:56:55 -04:00
vhost-user-input-pci.c
vhost-user-rng-pci.c
vhost-user-rng.c
vhost-user-scmi-pci.c hw/virtio: Add vhost-user-scmi-pci boilerplate 2023-07-10 16:17:08 -04:00
vhost-user-scmi.c hw/virtio: Add a protection against duplicate vu_scmi_stop calls 2023-08-03 16:06:49 -04:00
vhost-user-scsi-pci.c
vhost-user-vsock-pci.c
vhost-user-vsock.c
vhost-user.c vhost-user: Make RESET_DEVICE a per device message 2023-07-10 16:17:08 -04:00
vhost-vdpa.c vhost-vdpa: mute unaligned memory error report 2023-07-10 18:59:32 -04:00
vhost-vsock-common.c hw/virtio: fix typo in VIRTIO_CONFIG_IRQ_IDX comments 2023-07-10 18:59:32 -04:00
vhost-vsock-pci.c
vhost-vsock.c
vhost.c vhost: fix the fd leak 2023-08-03 16:06:49 -04:00
virtio-9p-pci.c
virtio-balloon-pci.c
virtio-balloon.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
virtio-blk-pci.c
virtio-bus.c
virtio-config-io.c
virtio-crypto-pci.c
virtio-crypto.c virtio-crypto: verify src&dst buffer length for sym request 2023-08-03 16:16:17 -04:00
virtio-hmp-cmds.c
virtio-input-host-pci.c
virtio-input-pci.c virtio-input-pci: add virtio-multitouch-pci 2023-05-28 13:08:25 +04:00
virtio-iommu-pci.c
virtio-iommu.c virtio-iommu: Standardize granule extraction and formatting 2023-08-03 16:06:49 -04:00
virtio-md-pci.c virtio-md-pci: Support unplug requests for compatible devices 2023-07-12 09:27:30 +02:00
virtio-mem-pci.c virtio-mem-pci: Device unplug support 2023-07-12 09:27:32 +02:00
virtio-mem-pci.h virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci 2023-07-12 09:27:25 +02:00
virtio-mem.c virtio-mem: Prepare for device unplug support 2023-07-12 09:27:31 +02:00
virtio-mmio.c
virtio-net-pci.c
virtio-pci.c virtio-pci: add handling of PCI ATS and Device-TLB enable/disable 2023-05-19 10:30:46 -04:00
virtio-pmem-pci.c virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci 2023-07-12 09:27:25 +02:00
virtio-pmem-pci.h virtio-md-pci: New parent type for virtio-mem-pci and virtio-pmem-pci 2023-07-12 09:27:25 +02:00
virtio-pmem.c thread-pool: avoid passing the pool parameter every time 2023-04-25 13:17:28 +02:00
virtio-qmp.c hw/virtio: qmp: add RING_RESET to 'info virtio-status' 2023-08-03 16:06:49 -04:00
virtio-qmp.h
virtio-rng-pci.c
virtio-rng.c
virtio-scsi-pci.c
virtio-serial-pci.c
virtio-stub.c
virtio.c virtio: Fix packed virtqueue used_idx mask 2023-08-03 16:06:49 -04:00