add patch for CVE-2019-20382 (vnc disconnect memory leak)
oss-security email can be found here[0] upstream commit here[1] this effects our vncproxy. dominik and me tested if the issue is present on our branch and it appears that it is. in essence when we disconnect from a vnc connection, the memory isn't free'd afterwards which causes the qemu process to use more and more memory with each disconnect, which could lead to a dos scenario. we tested the patch and it seems to mitigate the problem. [0]: https://seclists.org/oss-sec/2020/q1/105 [1]: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0 Tested-by: Dominik Csapak <d.csapak@proxmox.com> Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
This commit is contained in:
Oguz Bektas
Thomas Lamprecht
parent
487df43ff9
commit
ee8bd5bfbe
1016
debian/patches/extra/0003-vnc-fix-memory-leak-when-vnc-disconnect.patch
vendored
Normal file
1016
debian/patches/extra/0003-vnc-fix-memory-leak-when-vnc-disconnect.patch
vendored
Normal file
File diff suppressed because it is too large
Load Diff
1
debian/patches/series
vendored
1
debian/patches/series
vendored
@ -1,5 +1,6 @@
|
|||||||
extra/0001-monitor-qmp-resume-monitor-when-clearing-its-queue.patch
|
extra/0001-monitor-qmp-resume-monitor-when-clearing-its-queue.patch
|
||||||
extra/0002-virtio-blk-schedule-virtio_notify_config-to-run-on-m.patch
|
extra/0002-virtio-blk-schedule-virtio_notify_config-to-run-on-m.patch
|
||||||
|
extra/0003-vnc-fix-memory-leak-when-vnc-disconnect.patch
|
||||||
pve/0001-PVE-Config-block-file-change-locking-default-to-off.patch
|
pve/0001-PVE-Config-block-file-change-locking-default-to-off.patch
|
||||||
pve/0002-PVE-Config-Adjust-network-script-path-to-etc-kvm.patch
|
pve/0002-PVE-Config-Adjust-network-script-path-to-etc-kvm.patch
|
||||||
pve/0003-PVE-Config-set-the-CPU-model-to-kvm64-32-instead-of-.patch
|
pve/0003-PVE-Config-set-the-CPU-model-to-kvm64-32-instead-of-.patch
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user