qemu-irix/hw/i386
Prasad J Pandit fca5f37fe9 multiboot: validate multiboot header address values
While loading a kernel via a multiboot-v1 image, (flags & 0x00010000)
indicates that the multiboot header contains valid addresses to load
the kernel image. These addresses are used to compute the kernel
size and kernel text offset in the OS image. Validate these
address values to avoid an OOB access issue.

This is CVE-2017-14167.

Reported-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <20170907063256.7418-1-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit ed4f86e8b6)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2017-09-22 18:11:49 -05:00
kvm Convert error_report() to warn_report() 2017-07-13 13:49:58 +02:00
xen trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
Makefile.objs hw/i386: Introduce AMD IOMMU 2016-09-24 01:02:00 +03:00
acpi-build.c hw/i386: allow SHPC for Q35 machine 2017-08-08 00:31:09 +03:00
acpi-build.h Use scripts/clean-includes to drop redundant qemu/typedefs.h 2016-03-22 22:20:16 +01:00
amd_iommu.c memory/iommu: introduce IOMMUMemoryRegionClass 2017-07-14 12:04:41 +02:00
amd_iommu.h memory/iommu: introduce IOMMUMemoryRegionClass 2017-07-14 12:04:41 +02:00
intel_iommu.c intel_iommu: use access_flags for iotlb 2017-08-02 00:13:25 +03:00
intel_iommu_internal.h intel_iommu: fix iova for pt 2017-08-02 00:13:25 +03:00
kvmvapic.c mttcg/i386: Patch instruction using async_safe_* framework 2017-07-14 12:04:35 +02:00
multiboot.c multiboot: validate multiboot header address values 2017-09-22 18:11:49 -05:00
multiboot.h refer to FWCfgState explicitly 2013-06-02 18:14:02 +03:00
pc.c hw/ppc/spapr: Fix segfault when instantiating a 'pc-dimm' without 'memdev' 2017-08-22 21:26:46 +10:00
pc_piix.c numa: Move numa_legacy_auto_assign_ram to pc-i440fx-2.9 2017-08-23 13:53:15 +01:00
pc_q35.c ahci: add ahci_get_num_ports 2017-07-18 11:47:56 -04:00
pc_sysfw.c hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
pci-assign-load-rom.c memory: Rename memory_region_init_ram() to memory_region_init_ram_nomigrate() 2017-07-14 17:59:42 +01:00
trace-events docs: fix broken paths to docs/devel/tracing.txt 2017-07-31 13:12:53 +03:00
x86-iommu.c intel_iommu: support passthrough (PT) 2017-05-25 21:25:27 +03:00