qemu-e2k/hw
Prasad J Pandit 837f21aacf net: pcnet: add check to validate receive data size(CVE-2015-7504)
In loopback mode, pcnet_receive routine appends CRC code to the
receive buffer. If the data size given is same as the buffer size,
the appended CRC code overwrites 4 bytes after s->buffer. Added a
check to avoid that.

Reported by: Qinghao Tang <luodalongde@gmail.com>
Cc: qemu-stable@nongnu.org
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2015-12-07 21:43:48 +08:00
..
9pfs coroutine: move into libqemuutil.a library 2015-10-20 14:59:04 +01:00
acpi
alpha Use DEFINE_MACHINE() to register all machines 2015-09-19 16:40:15 +02:00
arm hw/arm/virt: don't use a15memmap directly 2015-10-27 12:00:50 +00:00
audio Remove macros IO_READ_PROTO and IO_WRITE_PROTO 2015-10-19 09:03:53 +02:00
block dataplane: Mark host notifiers' client type as "external" 2015-10-23 18:18:24 +02:00
bt bt: remove muldiv64() 2015-09-25 14:56:22 +02:00
char i.MX: Standardize i.MX serial debug. 2015-10-27 13:16:21 +00:00
core Use DEFINE_MACHINE() to register all machines 2015-09-19 16:40:15 +02:00
cpu icc_bus: drop the unused files 2015-10-02 16:22:02 -03:00
cris cris: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:43 +02:00
display vmsvga: more cursor checks 2015-10-20 09:26:36 +02:00
dma
gpio i.MX: Standardize i.MX GPIO debug 2015-10-27 15:59:46 +00:00
i2c i.MX: Standardize i.MX I2C debug 2015-10-27 15:59:46 +00:00
i386 xen-platform: Replace assert() with appropriate error reporting 2015-10-26 11:32:24 +00:00
ide macio-ide: add to storage category 2015-10-23 12:35:18 +11:00
input adb: add to input category 2015-10-23 12:35:17 +11:00
intc i.MX: Standardize i.MX AVIC debug 2015-10-27 15:59:46 +00:00
ipack
isa hw/isa/lpc_ich9: inject the SMI on the VCPU that is writing to APM_CNT 2015-10-22 14:39:09 +03:00
lm32 lm32: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:43 +02:00
m68k m68k: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:43 +02:00
mem pc-dimm: add vhost slots limit check before commiting to hotplug 2015-10-22 14:34:48 +03:00
microblaze mb: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:43 +02:00
mips * First batch of MAINTAINERS updates 2015-09-25 21:52:30 +01:00
misc i.MX: Standardize i.MX CCM debug 2015-10-27 15:59:46 +00:00
moxie moxie: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:43 +02:00
net net: pcnet: add check to validate receive data size(CVE-2015-7504) 2015-12-07 21:43:48 +08:00
nvram macio-nvram: add to misc category 2015-10-23 12:35:18 +11:00
openrisc * First batch of MAINTAINERS updates 2015-09-25 21:52:30 +01:00
pci msix: implement pba write (but read-only) 2015-10-24 18:03:18 +02:00
pci-bridge
pci-host uninorth: add to bridge category 2015-10-23 12:35:18 +11:00
pcmcia hw: do not pass NULL to memory_region_init from instance_init 2015-10-09 15:25:56 +02:00
ppc prep: do not use CPU_LOG_IOPORT, convert to tracepoints 2015-10-23 12:38:28 +11:00
s390x s390x/cmma: clean up cmma reset 2015-10-21 12:21:30 +02:00
scsi dataplane: Mark host notifiers' client type as "external" 2015-10-23 18:18:24 +02:00
sd sdhci.c: Limit the maximum block size 2015-10-12 11:17:45 +01:00
sh4 Use DEFINE_MACHINE() to register all machines 2015-09-19 16:40:15 +02:00
smbios
sparc sparc: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:44 +02:00
sparc64 sparc: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:44 +02:00
ssi
timer i.MX: Standardize i.MX GPT debug 2015-10-27 15:59:46 +00:00
tpm
tricore tricore: Remove ELF_MACHINE from cpu.h 2015-09-25 12:04:44 +02:00
unicore32 Use DEFINE_MACHINE() to register all machines 2015-09-19 16:40:15 +02:00
usb hw/usb-storage: Check whether BB is inserted 2015-10-23 18:18:23 +02:00
vfio kvm: Pass PCI device pointer to MSI routing functions 2015-10-19 10:13:07 +02:00
virtio vhost: build fix 2015-10-23 10:24:08 +01:00
watchdog i6300esb: remove muldiv64() 2015-09-25 14:52:17 +02:00
xen Qemu/Xen: Fix early freeing MSIX MMIO memory region 2015-10-26 11:32:18 +00:00
xenpv Use DEFINE_MACHINE() to register all machines 2015-09-19 16:40:15 +02:00
xtensa target-xtensa: xtfpga: attach FLASH to system IO 2015-10-21 21:28:33 +03:00
Makefile.objs