qemu-e2k

History

Prasad J Pandit b8d7f1bc59 ide: atapi: check logical block address and read size (CVE-2020-29443) While processing ATAPI cmd_read/cmd_read_cd commands, Logical Block Address (LBA) maybe invalid OR closer to the last block, leading to an OOB access issues. Add range check to avoid it. Fixes: CVE-2020-29443 Reported-by: Wenxiang Qian <leonwxqian@gmail.com> Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Message-Id: <20210118115130.457044-1-ppandit@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>		2021-01-23 09:26:40 -05:00
..
ahci_internal.h	nomaintainer: Fix Lesser GPL version number	2020-11-15 17:04:40 +01:00
ahci-allwinner.c	ahci: Move QOM macro to header	2020-08-27 14:04:54 -04:00
ahci.c	hw/ide/ahci: Replace fprintf() by qemu_log_mask(GUEST_ERROR)	2021-01-18 11:51:26 +01:00
atapi.c	ide: atapi: check logical block address and read size (CVE-2020-29443)	2021-01-23 09:26:40 -05:00
cmd646.c
core.c	Remove superfluous timer_del() calls	2021-01-08 15:13:38 +00:00
ich.c	nomaintainer: Fix Lesser GPL version number	2020-11-15 17:04:40 +01:00
ioport.c	ide: rename cmd_write to ctrl_write	2020-10-01 13:04:16 -04:00
isa.c	Use OBJECT_DECLARE_SIMPLE_TYPE when possible	2020-09-18 14:12:32 -04:00
Kconfig
macio.c	ide: rename cmd_write to ctrl_write	2020-10-01 13:04:16 -04:00
meson.build
microdrive.c	Use OBJECT_DECLARE_SIMPLE_TYPE when possible	2020-09-18 14:12:32 -04:00
mmio.c	ide: rename cmd_write to ctrl_write	2020-10-01 13:04:16 -04:00
pci.c	ide: rename cmd_write to ctrl_write	2020-10-01 13:04:16 -04:00
piix.c	xen: rework pci_piix3_xen_ide_unplug	2020-11-02 11:56:55 +00:00
qdev.c	qdev: Move softmmu properties to qdev-properties-system.h	2020-12-18 15:20:17 -05:00
sii3112.c	Use OBJECT_DECLARE_SIMPLE_TYPE when possible	2020-09-18 14:12:32 -04:00
trace-events	ide: rename cmd_write to ctrl_write	2020-10-01 13:04:16 -04:00
trace.h
via.c