qemu-e2k/hw
P J P 737d2b3c41 net: avoid infinite loop when receiving packets(CVE-2015-5278)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, leading to an infinite
loop situation.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-15 12:51:14 +01:00
..
9pfs
acpi
alpha
arm
audio
block * Support for jemalloc 2015-09-14 16:13:16 +01:00
bt
char
core
cpu
cris
display
dma * Support for jemalloc 2015-09-14 16:13:16 +01:00
gpio
i2c
i386 * Support for jemalloc 2015-09-14 16:13:16 +01:00
ide
input
intc
ipack
isa
lm32
m68k
mem
microblaze
mips * Support for jemalloc 2015-09-14 16:13:16 +01:00
misc * Support for jemalloc 2015-09-14 16:13:16 +01:00
moxie
net net: avoid infinite loop when receiving packets(CVE-2015-5278) 2015-09-15 12:51:14 +01:00
nvram
openrisc
pci
pci-bridge
pci-host
pcmcia
ppc * Support for jemalloc 2015-09-14 16:13:16 +01:00
s390x
scsi * Support for jemalloc 2015-09-14 16:13:16 +01:00
sd
sh4
smbios
sparc
sparc64
ssi
timer
tpm
tricore
unicore32
usb
vfio
virtio
watchdog
xen
xenpv
xtensa
Makefile.objs