]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 95a3fcc) | patch
display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207)
authorMauro Matteo Cascella <mcascell@redhat.com>
Thu, 7 Apr 2022 08:11:06 +0000 (10:11 +0200)
committerGerd Hoffmann <kraxel@redhat.com>
Thu, 7 Apr 2022 10:30:54 +0000 (12:30 +0200)
commit9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895
tree4f8c2bc1168b262533c7cb73392ddb30aa0ce2a6tree
parent95a3fcc7487e5bef262e1f937ed8636986764c4ecommit | diff
display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207)

Avoid fetching 'width' and 'height' a second time to prevent possible
race condition. Refer to security advisory
https://starlabs.sg/advisories/22-4207/ for more information.

Fixes: CVE-2021-4207
Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20220407081106.343235-1-mcascell@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
hw/display/qxl-render.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git