xenbits.xensource.com Git - qemu-upstream-4.6-testing.git/commit
ehci: make idt processing more robust
author Gerd Hoffmann <kraxel@redhat.com>
Mon, 14 Dec 2015 08:21:23 +0000 (09:21 +0100)
committer Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Fri, 5 Feb 2016 13:58:51 +0000 (13:58 +0000)
commit a028c96f0f10db221e07eb0524c01b77aaa42341
tree 33f1b9d5899aca877e0d0b8cd2c9f01f314b3a40
parent 47f168e2da96473ede608a17aa757c11bc90fc5f
ehci: make idt processing more robust

Make ehci_process_itd return an error in case we didn't do any actual
iso transfer because we've found no active transaction.  That'll avoid
ehci happily run in circles forever if the guest builds a loop out of
idts.

This is CVE-2015-8558.

Cc: qemu-stable@nongnu.org
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Tested-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
hw/usb/hcd-ehci.c
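
The termination rule the commit message describes, as an added example that is a simplified model and not code from QEMU or from this commit: a descriptor walk that stops as soon as a descriptor yields no active transaction, compared with one that ignores that result. The struct layout, the names `process_itd`, `walk`, `demo_loop` and the `STEP_CAP` limit are assumptions made for the illustration.

```c
/* Simplified model of an isochronous descriptor walk; not QEMU's hcd-ehci.c. */
#include <stdint.h>
#include <stdio.h>

#define ITD_ACTIVE (1u << 31) /* Active bit of an iTD transaction slot (EHCI spec) */
#define STEP_CAP   1000       /* demo-only cap so the unchecked walk terminates */

struct itd {                  /* hypothetical layout, indices instead of guest addresses */
    int next;                 /* index of next descriptor, -1 = end of list */
    uint32_t transact[8];     /* eight transaction slots per descriptor */
};

/* Service every active slot; return -1 if the descriptor had no work at all. */
static int process_itd(struct itd *d)
{
    int xfers = 0;
    for (int i = 0; i < 8; i++) {
        if (d->transact[i] & ITD_ACTIVE) {
            d->transact[i] &= ~ITD_ACTIVE; /* transfer done, slot retired */
            xfers++;
        }
    }
    return xfers ? 0 : -1;
}

/* Walk the list from head; returns how many descriptors were visited. */
static int walk(struct itd *mem, int head, int check_result)
{
    int steps = 0;
    for (int cur = head; cur >= 0 && steps < STEP_CAP; cur = mem[cur].next) {
        steps++;
        if (process_itd(&mem[cur]) < 0 && check_result)
            break;            /* no progress: stop instead of following the link */
    }
    return steps;
}

/* Constructed input: two descriptors linked into a cycle, one active slot each. */
int demo_loop(int check_result)
{
    struct itd mem[2] = { { 1, { ITD_ACTIVE } }, { 0, { ITD_ACTIVE } } };
    return walk(mem, 0, check_result);
}

int main(void)
{
    printf("unchecked: %d steps (cap)\n", demo_loop(0));
    printf("checked:   %d steps\n", demo_loop(1));
    return 0;
}
```

With the result checked, the walk services both descriptors once and stops on the third visit, when the first descriptor has nothing left to transfer; without the check only the demo cap ends it.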