OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
9bbdbc66e5
qemu-e2k/hw
History
P J P 9bbdbc66e5 net: add checks to validate ring buffer pointers(CVE-2015-5279) 
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, which could lead to a
memory buffer overflow. Added other checks at initialisation.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-15 12:51:14 +01:00
..
9pfs
acpi
alpha
arm i.MX: Add GPIO devices to i.MX25 SOC 2015-09-14 14:39:49 +01:00
audio typofixes - v4 2015-09-11 10:45:43 +03:00
block * Support for jemalloc 2015-09-14 16:13:16 +01:00
bt maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
char maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
core typofixes - v4 2015-09-11 10:45:43 +03:00
cpu hw/cpu/{a15mpcore, a9mpcore}: Handle missing has_el3 CPU props gracefully 2015-09-14 14:39:49 +01:00
cris typofixes - v4 2015-09-11 10:45:43 +03:00
display typofixes - v4 2015-09-11 10:45:43 +03:00
dma * Support for jemalloc 2015-09-14 16:13:16 +01:00
gpio i.MX: Add GPIO device 2015-09-14 14:39:49 +01:00
i2c
i386 * Support for jemalloc 2015-09-14 16:13:16 +01:00
ide trivial: remove trailing newline from error_report 2015-09-11 10:21:38 +03:00
input typofixes - v4 2015-09-11 10:45:43 +03:00
intc typofixes - v4 2015-09-11 10:45:43 +03:00
ipack
isa
lm32
m68k
mem
microblaze
mips * Support for jemalloc 2015-09-14 16:13:16 +01:00
misc * Support for jemalloc 2015-09-14 16:13:16 +01:00
moxie
net net: add checks to validate ring buffer pointers(CVE-2015-5279) 2015-09-15 12:51:14 +01:00
nvram maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
openrisc
pci maint: remove unused include for strings.h 2015-09-11 10:21:38 +03:00
pci-bridge
pci-host maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
pcmcia
ppc * Support for jemalloc 2015-09-14 16:13:16 +01:00
s390x hw/s390x/s390-virtio-bus: Remove meaningless blank Property 2015-09-11 10:59:47 +03:00
scsi * Support for jemalloc 2015-09-14 16:13:16 +01:00
sd typofixes - v4 2015-09-11 10:45:43 +03:00
sh4 sh4: Fix initramfs initialization for endiannes-mismatched targets 2015-09-13 23:08:51 +02:00
smbios
sparc
sparc64
ssi
timer
tpm maint: remove unused include for dirent.h 2015-09-11 10:21:38 +03:00
tricore
unicore32
usb maint: avoid useless "if (foo) free(foo)" pattern 2015-09-11 10:21:38 +03:00
vfio typofixes - v4 2015-09-11 10:45:43 +03:00
virtio hw/virtio/virtio-pci: Remove meaningless blank Property 2015-09-11 11:03:42 +03:00
watchdog i6300esb: fix timer overflow 2015-09-11 10:21:38 +03:00
xen typofixes - v4 2015-09-11 10:45:43 +03:00
xenpv
xtensa
Makefile.objs