]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
qemu: Fix CVE-2023-5088
authorVijay Anusuri <vanusuri@mvista.com>
Fri, 29 Dec 2023 03:57:41 +0000 (09:27 +0530)
committerSteve Sakoman <steve@sakoman.com>
Fri, 29 Dec 2023 16:03:18 +0000 (06:03 -1000)
commitdf9e2d40c52b752940de61388997e485da56de0c
tree4ed7a9dfb79891764e890af2fece52b6ac383219
parent5b55648f3142762c9563289c1b19aa3b7de27164
qemu: Fix CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise
addressed to an arbitrary disk offset to be targeted to
offset 0 instead (potentially overwriting the VM's boot code).

This change is to fix CVE-2023-5088.

Link: https://gitlab.com/qemu-project/qemu/-/commit/7d7512019fc40c577e2bdd61f114f31a9eb84a8e
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/qemu/qemu.inc
meta/recipes-devtools/qemu/qemu/CVE-2023-5088.patch [new file with mode: 0644]