-
- Downloads
Merge tag 'pull-request-2022-03-21' of https://gitlab.com/thuth/qemu into staging
* Fix stack-overflow due to recursive DMA in intel-hda (CVE-2021-3611) * Fix heap overflow due to recursive DMA in sdhci code # gpg: Signature made Mon 21 Mar 2022 16:14:36 GMT # gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5 # gpg: issuer "thuth@redhat.com" # gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full] # gpg: aka "Thomas Huth <thuth@redhat.com>" [full] # gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full] # gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown] # Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5 * tag 'pull-request-2022-03-21' of https://gitlab.com/thuth/qemu : tests/qtest/fuzz-sdcard-test: Add reproducer for OSS-Fuzz (Issue 29225) hw/sd/sdhci: Prohibit DMA accesses to devices hw/sd/sdhci: Honor failed DMA transactions tests/qtest/intel-hda-test: Add reproducer for issue #542 hw/audio/intel-hda: Restrict DMA engine to memories (not MMIO devices) hw/audio/intel-hda: Do not ignore DMA overrun errors softmmu/physmem: Introduce MemTxAttrs::memory field and MEMTX_ACCESS_ERROR softmmu/physmem: Simplify flatview_write and address_space_access_valid Signed-off-by:Peter Maydell <peter.maydell@linaro.org>
Showing
- hw/audio/intel-hda.c 8 additions, 3 deletionshw/audio/intel-hda.c
- hw/sd/sdhci.c 26 additions, 9 deletionshw/sd/sdhci.c
- include/exec/memattrs.h 9 additions, 0 deletionsinclude/exec/memattrs.h
- softmmu/physmem.c 45 additions, 10 deletionssoftmmu/physmem.c
- tests/qtest/fuzz-sdcard-test.c 76 additions, 0 deletionstests/qtest/fuzz-sdcard-test.c
- tests/qtest/intel-hda-test.c 34 additions, 0 deletionstests/qtest/intel-hda-test.c
Loading
Please register or sign in to comment