284d3b2cab
original commits and email can be found here[0] A out-of-bounds heap buffer access issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcp_emu() routine while emulating IRC and other protocols due to unsafe usage of snprintf(3) function. A user/process could use this flaw to crash the Qemu process on the host resulting in DoS or potentially execute arbitrary code with privileges of the QEMU process on the host. [0]: https://seclists.org/oss-sec/2020/q1/64 Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> |
||
|---|---|---|
| .. | ||
| 0001-monitor-qmp-resume-monitor-when-clearing-its-queue.patch | ||
| 0002-virtio-blk-schedule-virtio_notify_config-to-run-on-m.patch | ||
| 0003-vnc-fix-memory-leak-when-vnc-disconnect.patch | ||
| 0004-util-add-slirp_fmt-helpers.patch | ||
| 0005-tcp_emu-fix-unsafe-snprintf-usages.patch | ||