OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
284f191b4a
qemu-e2k/hw/rdma/vmw
History
Marcel Apfelbaum 284f191b4a hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582) 
Ensure mremap boundaries not trusting the guest kernel to
pass the correct buffer length.

Fixes: CVE-2021-3582
Reported-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Tested-by: VictorV (Kunlun Lab) <vv474172261@gmail.com>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Message-Id: <20210616110600.20889-1-marcel.apfelbaum@gmail.com>
Reviewed-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Tested-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
2021-07-04 22:47:51 +03:00
..
pvrdma_cmd.c hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582) 2021-07-04 22:47:51 +03:00
pvrdma_dev_ring.c pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
pvrdma_dev_ring.h pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
pvrdma_main.c pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
pvrdma_qp_ops.c misc: Replace zero-length arrays with flexible array member (automatic) 2020-03-16 22:07:42 +01:00
pvrdma_qp_ops.h Clean up header guards that don't match their file name 2019-05-13 08:58:55 +02:00
pvrdma.h pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
trace-events docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00