]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b209cc4) | patch
hw/pvrdma: Protect against buggy or malicious guest driver
authorYuval Shaia <yuval.shaia.ml@gmail.com>
Sun, 3 Apr 2022 09:52:34 +0000 (12:52 +0300)
committerMichael Tokarev <mjt@tls.msk.ru>
Thu, 30 Mar 2023 09:19:04 +0000 (12:19 +0300)
commita2efa1fac49b7d7d10564ef0007b2ed02e69fdf5
tree8b040df7630ce9a9277002fea5f96d34ee3b6460tree
parentb209cc4556d56938fa8a933670b8fb98c036af37commit | diff
hw/pvrdma: Protect against buggy or malicious guest driver

Guest driver might execute HW commands when shared buffers are not yet
allocated.
This could happen on purpose (malicious guest) or because of some other
guest/host address mapping error.
We need to protect againts such case.

Fixes: CVE-2022-1050
Reported-by: Raven <wxhusst@gmail.com>
Signed-off-by: Yuval Shaia <yuval.shaia.ml@gmail.com>
Message-Id: <20220403095234.2210-1-yuval.shaia.ml@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
(cherry picked from commit 31c4b6fb0293e359f9ef8a61892667e76eea4c99)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
hw/rdma/vmw/pvrdma_cmd.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git